Speaking of you, many many thanks to Igor for sending me a PM about this. I was out much of the day. I'd seen a brief article about this, but hadn't noticed the severity of it yet, so he enabled my securing the server faster - as soon as I saw his PM. Thank you, kind sir.
This is my official PanamaCityPC reply:http://news.panamacitypc.com/2014/04/notice-about-bluebonnetserver-and-the-heartbleed-bug/
This is a brief message regarding the Heartbleed bug that is all over the news today.
In brief, I became aware of the seriousness of the bug/exploit a few hours ago and took immediate action to open OpenSSL on the server to the latest bugfix release, followed by a server reboot to ensure no un-updated binaries were running.
At this time, there is no way to tell if a particular server has been compromised; or rather, if data from a particular server has been accessed. The best solution I have seen involves securing the server (which is now done), and resetting all passwords on the server, which is a huge undertaking, and not practical to do for all applications running on the server.
I therefore highly recommend that if there is an application running under your account, such as a forum or WordPress or other software installation, that you immediately recommend to all users that they change their account passwords immediately.
This affects easily a half million servers on the internet; I personally tend to believe that the vast majority of those probably have not been accessed; but the seriousness of this incident prompts a “better safe than sorry” response.
If you require further information or assistance, please do not hesitate to email email@example.com
and we will assist you as soon as possible.
PanamaCityPC.com – BlueBonnetServer.com