stackoom
  简体   繁体   中英

Apache2 and HeartBleed SSL issue

 原文  2014-04-10 01:35:24       apache/ ssl/ openssl/ heartbleed-bug

Question

I am using apache2 server runing on a Ubuntu Server 12.04 LTS. In my apache2 conf file there is a host that looks like this.

IfModule mod_ssl.c>

VirtualHost *:443> 

 //Every configuration for the virtual host working fine.

/VirtualHost>

/IfModule>

I avoid using the "minor" sign since SO does not display the line containing it.

I cannot read "OpenSSL" anywhere. So my intuition says that I am not using it at all. So I should not worry about Heart bleed open SSL bug.

Am I right?

Thanks in advance.

1 answers

solution1
 2 ACCPTED  2014-04-10 01:42:59

From the command prompt do: openssl version 

OpenSSL 1.0.1 through 1.0.1f (inclusive) are vulnerable
OpenSSL 1.0.1g is NOT vulnerable
OpenSSL 1.0.0 branch is NOT vulnerable
OpenSSL 0.9.8 branch is NOT vulnerable

Your config is using mod_ssl. Mod SSL is OpenSSL built for Apache.

If your server is public facing you can try something like this tool. http://filippo.io/Heartbleed/

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Apache2 SSL certificate file issue Gitlab on Apache2 with SSL apache2 and ssl module Instaling SSL on apache2 Apache2, vhosts and SSL Apache2 Webserver issue Apache2 restart issue apache2 handle subdomains and SSL Apache2 SSL certificate error Debian Apache2 Restart issue
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM