The Heartbleed SSL bug has been making global headlines
. As with any case where data security becomes an issue, it’s understandable to wonder if this affects your website.
In short, the Heartbleed bug targets sites that use OpenSSL and creates a “leak” that could allow someone to access your username and password information.
PowerDNN does not use OpenSSL. Nor do we use Apache as part of our core network setup. The PowerDNN infrastructure is built on Windows IIS, which is unaffected by the Heartbleed bug.
To be clear, your PowerDNN-hosted website is secure in our network for several reasons:
• Our network is not reliant on Apache.
• PowerDNN servers run on IIS.
• We do not use OpenSSL.
As part of our continued security vigilance, we install regular Windows Server updates. Our next regular period of Windows updates is scheduled for next week.
We take any new security issue very seriously. We will continue to monitor the Heartbleed issue, and keep a close eye on its development.
While PowerDNN’s core infrastructure is unaffected by Heartbleed, you still may want to change your passwords on other sites that could potentially be impacted by the issue. For example, Yahoo is a major site that may be affected due to its use of OpenSSL.
If you wish to find out more about the Heartbleed SSL bug, we recommend this detailed breakdown
by Troy Hunt, a software architect at Microsoft.