Dismiss Notice

Welcome to TalkBass.com!

Register your free account to unlock features including:

  • Post messages or start new discussions
  • Send private messages to other members
  • Upload images and video to our gallery
  • Enter free giveaways
  • Get rid of this notice, and much more :)

Heartbleed

Discussion in 'Suggestion Box' started by Black Bart, Apr 10, 2014.


  1. Black Bart

    Black Bart Supporting Member

    Sep 11, 2010
    Just wondering if the site has been assessed regarding the Heartbleed SSL encryption flaw?

    According to a quick check at https://lastpass.com/heartbleed/?h=talkbass.com

    Site: talkbass.com
    Server software: Apache/2.2.15 (CentOS)
    Was vulnerable: Likely (known use OpenSSL)
    SSL Certificate: Possibly Unsafe (created 2 years ago at Aug 24 18:00:38 2012 GMT)
    Assessment: Wait for the site to update before changing your password
     
  2. paul

    paul Administrator Staff Member Administrator Supporting Member

    Jul 20, 2000
    Texas
    Every check I've run says the openssl version is ok. Regardless, as you know our certificate is self-signed and expired (we don't provide ssl support currently) so this is moot.

    We will support ssl after switch to new software shortly (days or weeks depending on how things go).
     
  3. vikunja

    vikunja

    Oct 29, 2004
    Norway
    Thanks for the information!
     
  4. Black Bart

    Black Bart Supporting Member

    Sep 11, 2010
    Thanks Paul. Good to know, feel free to close the thread.
     
  5. Sponsored by:

  6. paul

    paul Administrator Staff Member Administrator Supporting Member

    Jul 20, 2000
    Texas



Play guitar too? Become a founding member of TalkGuitar.com