What is a Heartbleed Vulnerability and What is A2 Hosting Doing to Help?

Article By: A2 Dev Team
What is a Heartbleed Vulnerability and What is A2 Hosting Doing to Help?

A zero-day vulnerability nicknamed Heartbleed was announced Monday, revealing a bug in the popular OpenSSL software. The bug could potentially allow a third party to eavesdrop on communications encrypted over SSL/TLS.

At this time, A2 Hosting has patched OpenSSL on all of our shared and managed servers to a version which does not include the vulnerability. If you have an Unmanaged VPS, Cloud Hosting, or Unmanged Flex Dedicated server, it is your responsibility to update your server to the latest OpenSSL version.

More specific information about the vulnerability can be found at heartbleed.com.

OpenSSL 1.0.1 through 1.0.1f (inclusive) are vulnerable
OpenSSL 1.0.1g is NOT vulnerable
OpenSSL 1.0.0 branch is NOT vulnerable
OpenSSL 0.9.8 branch is NOT vulnerable

If you have any questions or need further assistance in upgrading your unmanaged server, please open a support ticket from my.a2hosting.com.

Security & SSL

We use cookies to personalize the website for you and to analyze the use of our website. You consent to this by clicking on "I consent" or by continuing your use of this website. For more information about cookies, see our Privacy Policy.