Patch your WHM/cPanel machine for heartbleed

Rob —  April 8, 2014 — Leave a comment

You’ve certainly heard about Heartbleed by now. If not, you can read more about this vulnerability at Heartbleed.com. Continue reading this post to find out if you’re vulnerable, and how to patch your server.

Once you understand it, you’ll want to patch your system. If you’re running Centos 5, you don’t need to worry because it doesn’t have the version of OpenSSL that is vulnerable.

If you’re running Centos 6, read on and patch.

1. Run this test to see if you’re patched:

If you see the following output, you’re patched (skip to #3):

2. If you didn’t see the output above stating you are already patched, run ‘yum update’ to install the patch:

You’ll see some things scroll by, but noticeably this package in particular:

You can run that command from #1 if you like to ensure things went well.

3. Reboot the server (this is probably a good time to take advantage of any kernel updates that may have installed as well!)

4. If you’d like to test from the outside, you can use this test:
http://filippo.io/Heartbleed/

5. You’re done.. move on to the next server.

Related posts from Linux Brigade!

No Comments

Be the first to start the conversation.

Leave a Reply

Text formatting is available via select HTML.

<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code class="" title="" data-url=""> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong> <pre class="" title="" data-url=""> <span class="" title="" data-url=""> 

*