Several months ago, a bug was detected in a popular part of cryptography which affected a huge number of websites all over the world. This vulnerability – known as the heartbleed bug – made sensitive information visible to anyone who cared. In some cases, it led to passcodes being released. For anyone who had ever shopped online and created an account with an e-commerce site, the danger was easy to understand.
Within days of the vulnerability being exposed, however, developers were able to patch the problem, once again making the SSL protocol secure. What can you do as a website owner? Below are 3 ways you can protect your reputation and your site.
Check the comic about heartbleed bug on XKCD
#1 Update, update, update
If you use WordPress, updates are imperative to the efficient running and maintaining of a secure site or blog. You’ll always need to ensure you have the latest patches and plugins in place to try to stay ahead of the game (and potential hackers). Updating regularly will help your site stay secure and provide the patches and protection you need to thwart off attacks.
#2 Purchase the right software
One of the best and easiest ways to protect your site (especially if you’re selling goods or services) is by investing in SSL servers. Secure Sockets Layer (SSL) immediately screams “secure site” for users as they’ll see an “https” pop up in their browser and know instantly that they’re dealing with a secure site. Many users will also look for the padlock and other information that lets them know they are dealing with a highly secure site and that their private details will not be compromised.
#3 Alert your users
The vast majority of sites online have taken the necessary action to be secure once again. While this is good news, there is still one thing for web users to do.
It’s importance to urge the stress of changing and creating passwords for your users. During the time at which the vulnerability was exposed, passwords were not entirely secure. This means that it is still possible for cyber-criminals to access sensitive information on sites which are now secure, but only in the event that a password has been compromised.
After checking that patches have been made, web users should look to change their passwords for every site which was affected by the heartbleed bug. To be safe, it is also wise to make use of a different – but equally strong – password for each site you use. This is the only way to ensure security across the board. It also makes sense to change your password regularly and not revert to old ones.
Comments
2 responses to “3 tips to save your website from heartbleed bug”