1. Welcome to the premier online community and classifieds for bass players!

    Register a free account to post, remove lots of ads, and more!

Heartbleed

Discussion in 'Suggestion Box' started by Black Bart, Apr 10, 2014.


  1. Black Bart

    Black Bart Supporting Member

    Sep 11, 2010
    Just wondering if the site has been assessed regarding the Heartbleed SSL encryption flaw?

    According to a quick check at https://lastpass.com/heartbleed/?h=talkbass.com

    Site: talkbass.com
    Server software: Apache/2.2.15 (CentOS)
    Was vulnerable: Likely (known use OpenSSL)
    SSL Certificate: Possibly Unsafe (created 2 years ago at Aug 24 18:00:38 2012 GMT)
    Assessment: Wait for the site to update before changing your password
     
  2. paul

    paul Administrator Staff Member Administrator

    Jul 20, 2000
    Texas
    Every check I've run says the openssl version is ok. Regardless, as you know our certificate is self-signed and expired (we don't provide ssl support currently) so this is moot.

    We will support ssl after switch to new software shortly (days or weeks depending on how things go).
     
  3. vikunja

    vikunja

    Oct 29, 2004
    Norway
    Thanks for the information!
     
  4. Black Bart

    Black Bart Supporting Member

    Sep 11, 2010
    Thanks Paul. Good to know, feel free to close the thread.
     
  5. Sponsored by:

  6. paul

    paul Administrator Staff Member Administrator

    Jul 20, 2000
    Texas