How to Fix Heartbleed OpenSSL Bug

This week, a major bug on Openssl, called Heartbleed, was announced which basically renders any ssl protection useless.

You can test if your site is vulnerable by doing this test by Qualys.

heartbleedbefore

As you can see, we have failed the test and it highlights the fact that we have the vulnerability.

How to patch it

sudo -s
(optional, but the other commands will have to be proceeded with sudo if you do not).

openssl version -b

You will get something like,* built on: Wed JanĀ  8 20:45:51 UTC 2014*. If the date is less than April 7th, then you will have the bug.

Do

apt-get upgrade openssl

Press Y to continue.

Note: you may need to do apt-get update first to get the latest packages.

And that is it. Vulnerability fixed. Do openssl version -b again and check the day is at least Apr 7.
heartbleed after

The test also shows the vulnerability is fixed!

Thanks to my colleague, Sheraz, for help finding a solution to the problem!


© 2012-2017