It looks like you're new here. If you want to get involved, click one of these buttons!
Hi alls ,
I haved opened this post becouse i haved find today some chinese hackers logged in some accounts of my site,and throught this i want to help other people which can have problems in future.
The most people who have websites hosted on vps has no much knowledge about servers,and if have maybe sometimes are missing somethink from the server security.
By default the most web pannels and linux os(all free versions) come with old versions of software,in this case openssl.
Vulnerability:The Heartbleed Bug.
Most of the people are using Let's Encrypt.
Solution: Upgrade your openssl version to your server,download and install again in your server from the source and compile this.
Then reboot the server.
The latest versions can be located here :
How to find the version in your server:
in your server console : openssl version -a
In my case was: OpenSSL 1.0.1e-fips 11 Feb 2013.
now: OpenSSL 1.1.0 25 Aug 2016
How to install:
install unzip gcc pcre-devel zlib-devel make .. if not installed.
then make an folder in your root or /temp .. your choice.
Remove the folder after installation: remove openssl-1.1.0 or openssl-x.x.x . rm -r openssl-1.1.0
Then reboot your server ... important.
I hope that this will help you.