Heartbleed exploits a very serious fault in OpenSSL – an open source implementation of SSL (Secure Socket Layer).You will be pleased to know that this fault does in no way affect Easysite CMS, as we do not, and have never used OpenSSL.
As reported across the news very recently, there has been a catastrophic bug detected that affects thousands of websites and web-services right across the internet, it’s called Heartbleed. It is a very serious fault in OpenSSL – an open source implementation of SSL (Secure Socket Layer).
SSL is used to secure information entered from your computer, (for example your username and password when logging onto Gmail or your online banking). You will know if a website is using an SSL as a little padlock symbol appears in the corner of your web browser.
The bug has been around for about two years, and during that time there has been a risk that that individuals or organisations could view secured data to gain your username(s) and password(s). Information that you otherwise had assumed was private and secure.
You will be pleased to know that this fault does in no way affect Easysite CMS (or EIBS Ltd.), as we do not, and have never used OpenSSL. Our software runs on the Microsoft application stack and makes use of the SSL implemented by Microsoft for their IIS Web Server.
So you can be reassured that your web sites running on Easysite CMS have never been affected by this fault.
While you don’t have to worry about Heartbleed, we do recommend you make regular use of the Easysite automatic password expiration facility to ensure that your users are prompted to change their passwords on a regular basis, and that they are using the password strength facility.
It is also very important that you remain confident in SSL and ensure that you have appropriately secured your site(s) – if you have further questions about SSL, digital certificates or hosting please speak to us.
