So I’m sure everyone has heard about the Heartbleed vulnerability in OpenSSL, it appears SSL has not been as secure as you would think – anyone is able to fetch stored SSL directly from the server and read the contents.
Luckily there has been an update released to fix the Heartbleed vulnerability, and all you need to do is update OpenSSL to protect your server from hackers.
So firstly you should check whether you have been vulnerable or not, so you can let your clients know that you were or were not vulnerable so they can take the correct cause of action.
Check using the Heartbleed Vulnerability Checker:
If you are vulnerable or you just want to make sure your OpenSSL is up to date then you will need to PuTTy to your server as root and run the following command:
On Ubuntu/Debian: sudo apt-get update sudo apt-get upgrade sudo /etc/init.d/apache2 restart On Centos: yum -y install openssl /etc/init.d/httpd restart
If you do not have root access you will need to contact your hosting provider and ask them to update OpenSSL on your server.