Fixing the Heartbleed vulnerability on unmanaged servers
Learn everything you need to know about how the "Heartbleed" vulnerability affects your server. Follow our easy guide to fix the Heartbleed vulnerability.
This article discusses the "Heartbleed" OpenSSL vulnerability and how to fix it on your unmanaged server.
Important
You must have root access to the server to follow the procedures described below.
Note
Information in this article about unmanaged dedicated servers is only for customers who purchased those plans before May 27, 2024. As of that date, unmanaged dedicated servers are no longer available.
About "Heartbleed"
The well-publicized "Heartbleed" vulnerability is a bug in certain versions of the OpenSSL library. If your unmanaged server is running one of the following operating system templates, it may be vulnerable:
- CentOS 6.5
- Debian 7 (Wheezy)
- Ubuntu 12.04
To fix this vulnerability, you must update your server and restart any services that use the OpenSSL library. The most commonly affected services are web servers, SQL databases, and e-mail servers, though other services (such as Tor and OpenVPN) are also affected.
Note
If you have automatic updates enabled on your server, then it has likely already been patched. To run an online test and determine whether or not a particular server is vulnerable, please visit http://filippo.io/Heartbleed.
Fixing the vulnerability
If your server is running one of the affected operating system templates listed above, follow the appropriate procedures below.
CentOS 6.5
To fix the Heartbleed vulnerability on CentOS 6.5, follow these steps:
- Install the latest updates on the server.
- Reboot the server or selectively restart any affected services:
Web servers:
- To restart the Apache web server, type the following commands:
/etc/init.d/httpd stop
/etc/init.d/httpd start
- To restart the Nginx web server, type the following commands:
/etc/init.d/nginx stop
/etc/init.d/nginx start
SQL services:
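- To restart MySQL, type the following commands (the init script installed by the stock CentOS 6 mysql-server package is named mysqld):
/etc/init.d/mysqld stop
/etc/init.d/mysqld start
- To restart PostgreSQL, type the following commands (the init script installed by the stock CentOS 6 postgresql-server package is named postgresql):
/etc/init.d/postgresql stop
/etc/init.d/postgresql start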
E-mail services:
- To restart Postfix, type the following commands:
/etc/init.d/postfix stop
/etc/init.d/postfix start
- To restart Exim, type the following commands:
/etc/init.d/exim stop
/etc/init.d/exim start
- Run the online test at http://filippo.io/Heartbleed to confirm that the server is no longer vulnerable.
Debian 7 and Ubuntu 12.04
To fix the Heartbleed vulnerability on Debian 7 (Wheezy) or Ubuntu 12.04 (Precise Pangolin), follow these steps:
- Install the latest updates on the server.
- Reboot the server or selectively restart any affected services:
Web servers:
- To restart the Apache web server, type the following commands:
service apache2 stop
service apache2 start
- To restart the Nginx web server, type the following commands:
service nginx stop
service nginx start
SQL services:
- To restart MySQL, type the following commands:
service mysql stop
service mysql start
- To restart PostgreSQL, type the following commands:
service postgresql stop
service postgresql start
E-mail services:
- To restart Postfix, type the following commands:
service postfix stop
service postfix start
- To restart Exim, type the following commands (the service installed by the Debian and Ubuntu exim4 packages is named exim4):
service exim4 stop
service exim4 start
- Run the online test at http://filippo.io/Heartbleed to confirm that the server is no longer vulnerable.
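To find out which services still need the restart described in the CentOS 6.5 and Debian 7/Ubuntu 12.04 procedures above, the following added example (not part of the original article) lists processes that still have the pre-update OpenSSL library mapped in memory. The function name and its optional directory argument are assumptions made for this example.

```shell
#!/bin/sh
# Added example: after the OpenSSL package is updated, the old library file
# is removed from disk, but every process that loaded it keeps the old copy
# mapped until it restarts. The kernel marks such mappings "(deleted)" in
# /proc/<pid>/maps, so those processes are still running the unpatched code.

# stale_openssl_procs [PROC_ROOT]
# Prints one "PID NAME" line per process that still maps a deleted
# libssl or libcrypto shared object. PROC_ROOT defaults to /proc; the
# argument exists only so the function can be run against a constructed
# directory tree.
stale_openssl_procs() {
    proc_root="${1:-/proc}"
    for maps in "$proc_root"/[0-9]*/maps; do
        # Skip processes that exited or that we are not allowed to read.
        [ -r "$maps" ] || continue
        if grep -Eq 'lib(ssl|crypto)\.so[^ ]* \(deleted\)' "$maps" 2>/dev/null; then
            pid_dir="${maps%/maps}"
            pid="${pid_dir##*/}"
            # The "Name:" field of /proc/<pid>/status holds the command name.
            name="$(sed -n 's/^Name:[[:space:]]*//p' "$pid_dir/status" 2>/dev/null)" || name=""
            [ -n "$name" ] || name="unknown"
            printf '%s %s\n' "$pid" "$name"
        fi
    done
}

# Usage (as root, after installing the updates):
#   stale_openssl_procs
# No output means no running process still maps the old library.
```

Run it as root so that every process's maps file is readable. It only detects dynamically linked libraries, so a service built with a statically linked OpenSSL will not appear in the output.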
More information
For detailed information about the "Heartbleed" vulnerability, please visit http://heartbleed.com.