Heartbleed vulnerability (CVE-2014-0160) – are you affected?

Many of you are probably wondering if you have to worry about the Heartbleed vulnerability if you are hosted with HelpingHost.com.

The short answer is NO.

Heartbleed is a recently found vulnerability in the so called “TLS heartbeat extension” of OpenSSL. A piece of software installed on most web servers.

This TLS extension however was only added to OpenSSL in Version 1.0.1 and newer which means that older versions of OpenSSL simply do not have this featrure.

The infrastructure currently in production here at HelpingHost.com is based on CentOS 5 and Redhat Enterprise Version 5.

These operating systems are using a secure and fully vendor patched OpenSSL version 0.9.8e.

Because of this our servers (your websites) are NOT affected by the Heartbleed vulnerability  (CVE-2014-0160).