Railway signalling discussion

Heartbleed Bug

Essential information about the use of this forum and other news

Heartbleed Bug

Unread postby John Hinson » Fri Apr 11, 2014 5:02 am

Yesterday I sent an email to all registered users explaining how the Heartbleed Bug might be affecting the server this site is hosted on, and general information on the effect other sites may have on you and sensible action to take. This is the first time I have used the facility to email all users and it may have come as a bit of a surprise but I am sure you will appreciate it would not be wise to announce publicly on any web site for all to see that the server was insecure.

Later yesterday I established that the version of the SSL module on our server is unaffected by the Heartbleed Bug - I must admit that more by luck than judgement it is old enough to pre-date the unintentional implementation of the bug.

Therefore this site is not insecure and it will not be necessary to specially change passwords for this site. However, if you use the same password anywhere else it would be sensible to do so and you can do this now if you wish.

The advice concerning use of web sites in general (and the changing of passwords) is still valid, of course.

As the version of the module currently in use is an early one, I have decided that it would still be sensible to update it but this is now less of a priority. The update will be undertaken as soon as all priority work at the server centre is completed. When this takes place there will of necessity be a short outage of this site whilst the server is re-started.

Kindest regards,

User avatar
John Hinson
Site Admin
Site Admin
Posts: 6980
Joined: Thu Nov 8, 2007 1:13 pm
Location: at my computer

Return to Forum information

Who is online

Users browsing this forum: No registered users and 2 guests