Dean Williams

How to update OpenSSL to fix Heartbleed Vulnerability WHM/Plesk/Centos Servers

This is a mobile optimized version of this page, view original page.

So I’m sure everyone has heard about the Heartbleed vulnerability in OpenSSL, it appears SSL has not been as secure as you would think – anyone is able to fetch stored SSL directly from the server and read the contents.

Luckily there has been an update released to fix the Heartbleed vulnerability, and all you need to do is update OpenSSL to protect your server from hackers.

So firstly you should check whether you have been vulnerable or not, so you can let your clients know that you were or were not vulnerable so they can take the correct cause of action.

Check using the Heartbleed Vulnerability Checker:

http://filippo.io/Heartbleed/

 

If you are vulnerable or you just want to make sure your OpenSSL is up to date then you will need to PuTTy to your server as root and run the following command:

On Ubuntu/Debian:
sudo apt-get update
sudo apt-get upgrade
sudo /etc/init.d/apache2 restart

On Centos:
yum -y install openssl
/etc/init.d/httpd restart

 

If you do not have root access you will need to contact your hosting provider and ask them to update OpenSSL on your server.

Author: Dean Williams

I'm a Web Developer, Graphics Designer and Gamer, this is my personal site which provides PHP programming advice, hints and tips