Announcement

Collapse
No announcement yet.

Regarding "Heartbleed" SSL vulnerability.

Collapse
This topic is closed.
X
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Regarding "Heartbleed" SSL vulnerability.

    Many of you have heard about the so-called "Heartbleed" bug by now. This problem affects some SSL (secure web) servers that use recent versions of the OpenSSL implementation of the protocol.

    NONE of Click&Pledge servers uses OpenSSL and are therefore not vulnerable to this issue. In addition our firewalls are updated almost daily. This includes a recent update that short-circuits any attempt to take advantage of the vulnerability.
    Because our servers never had the vulnerability in the first place you do not need to worry about changing passwords or that any of your data has been compromised.

    Note:

    We have received many inquiries about a site (http://filippo.io/Heartbleed/) that apparently checks for the vulnerability. Checking for any of our sites results in failure since we block any such scan. The site's URL clearly indicates this problem with their site:

    For example checking "Connect.ClickandPledge.com" -> http://filippo.io/Heartbleed/#connec...pledge.com:443

    Results in: Uh-Oh, something went wrong:

    Click image for larger version

Name:	Heartbit.jpg
Views:	1
Size:	49.6 KB
ID:	16141


    Referring to the site's FAQ:


    Click image for larger version

Name:	FAQ-heartbit.jpg
Views:	1
Size:	187.8 KB
ID:	16142

    Per the site's FAQ and our network design any such attempt will fail since Click & Pledge blocks any such scanning attempt.

    Click & Pledge is PCI Level 1 certified and this threat is among many that we monitor and have monitored on a daily basis. Our servers are scanned daily and monitored 24x7 per PCI mandates.
    Regards,
    Click & Pledge Support Department

    On Salesforce? Help us by rating our app: Click & Pledge Donor Management on AppExchange

    Join us @ the educational webinars: https://clickandpledge.com/webinars/
    Live Support available Join between 3:00 - 3:30 p.m. ET Monday - Thursday: https://clickandpledge.com/webinars/
    Are you on Salesforce? Join us at the Power of Us Hub: https://powerofus.force.com/0F980000000CjpC
Working...
X