No announcement yet.

Regarding "Heartbleed" SSL vulnerability.

This topic is closed.
  • Time
  • Show
Clear All
new posts

  • Regarding "Heartbleed" SSL vulnerability.

    Many of you have heard about the so-called "Heartbleed" bug by now. This problem affects some SSL (secure web) servers that use recent versions of the OpenSSL implementation of the protocol.

    NONE of Click&Pledge servers uses OpenSSL and are therefore not vulnerable to this issue. In addition our firewalls are updated almost daily. This includes a recent update that short-circuits any attempt to take advantage of the vulnerability.
    Because our servers never had the vulnerability in the first place you do not need to worry about changing passwords or that any of your data has been compromised.


    We have received many inquiries about a site ( that apparently checks for the vulnerability. Checking for any of our sites results in failure since we block any such scan. The site's URL clearly indicates this problem with their site:

    For example checking "" ->

    Results in: Uh-Oh, something went wrong:

    Click image for larger version

Name:	Heartbit.jpg
Views:	1
Size:	49.6 KB
ID:	16141

    Referring to the site's FAQ:

    Click image for larger version

Name:	FAQ-heartbit.jpg
Views:	1
Size:	187.8 KB
ID:	16142

    Per the site's FAQ and our network design any such attempt will fail since Click & Pledge blocks any such scanning attempt.

    Click & Pledge is PCI Level 1 certified and this threat is among many that we monitor and have monitored on a daily basis. Our servers are scanned daily and monitored 24x7 per PCI mandates.
    Click & Pledge Support Department

    Join us @ the educational webinars:
    Live Support- read more: