Jump to content
Jguy

Brief forum downtime & openssl "heartbleed"

Recommended Posts

Hello,

 

Today I installed some updates that required a restart of apache and mysql. While I was in there I optimized the tables and gave the forum a nice new feel to its backend. This required a downtime of approximately 15-20 seconds while everything got started back up. Everything should be back up and running properly (and hopefully slightly faster) as of this post.

 

I also took the opportunity to update OpenSSL to protect against the heartbleed bug that recently surfaced. While Hercules does not use any SSL for any of our sites/services hosted on herc.ws (there's really no need at this particular point in time), its best to get it done now.

 

Thanks all and I apologize for any inconveniences this caused (usually I would announce it but didn't feel the 15 second downtime would have a huge impact). Next time if there are major maintenances going on we'll be sure to announce before hand.

Share this post


Link to post
Share on other sites

Be sure to change your github passwords or set up two-step auth on github. They were compromised / affected by the exploit.

Share this post


Link to post
Share on other sites

We don't need to make things like a race. Take this in mind: haste makes waste. This is the closest I know to a Spanish proverb whose literal translation is much like: "dress me slowly, because I'm in a hurry!". It just does say that rushing will lead us to do things improperly, thus having to invest time in fixing the problems, then doing it properly, resulting in delaying even more than if done straightforwardly right.

Share this post


Link to post
Share on other sites

well on topic, forgive my ignorance but can someone tell me what exactly is OpenSSL and heart-bleed? and what do they do?  I am not a technical guy so i dont understand. and yes, I did try looking for it on Wikipedia.

Share this post


Link to post
Share on other sites

well on topic, forgive my ignorance but can someone tell me what exactly is OpenSSL and heart-bleed? and what do they do?  I am not a technical guy so i dont understand. and yes, I did try looking for it on Wikipedia.

here:

http://heartbleed.com/

Share this post


Link to post
Share on other sites

Thanks a lot quesoph

 

so i have a server  and the website is protected with 256 bit SSL certificate. so do i need to do sm thing to protect myself from this exploit ?

Share this post


Link to post
Share on other sites

Thanks a lot quesoph

 

so i have a server  and the website is protected with 256 bit SSL certificate. so do i need to do sm thing to protect myself from this exploit ?

If your ssl certificate is generated by(/hosted on) openssl (>v1.0.1) , then update your openssl to the versions which fixed the bug. Also as a security, change user password(but i guess, your server is new, and hackers wouldnt have searched for gaming site for exploit...)

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...

×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use.