Forums
New posts
New posts
Search forums
Market
Domains/Websites Wanted
.com Domain Market
gTLD Domain Market
ccTLD Domain Market
Web3 Domain Market
Third-Level Domain Market
Adult Domain Market
What's New
New profile posts
Latest activity
Members
Current visitors
New profile posts
Search profile posts
Account Upgrade
Premium Members Directory
Log in
Register
What's New
calendar
Search
Search
Search titles only
By:
New posts
New posts
Search forums
Menu
Log in
Register
Install the app
Install
Enjoy unlimited access to all forum features for FREE! Optional upgrade available for extra perks.
Forums
Domain Discussion
Domain Industry Companies
Heartbleed Vulnerability Of Registrars
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Reply to thread
Message
<blockquote data-quote="vivid" data-source="post: 2199345" data-attributes="member: 135822"><p>mvl – Thanks, looks like the tool provided by Lastpass that I was using for this test is quite questionable. They seem to perform radical changes on the fly – I see some sites that were reported as _definitely_ vulnerable just yesterday are displayed as “Was vulnerable: No” today, e.g. Evernote.</p><p></p><p>Also, while Lastpass tool states that DoDaddy uses Microsoft-IIS/7.0 as server software and was not vulnerable at all, <a href="http://godaddyblog.com/open-ssl-heartbleed-weve-patched-servers/" target="_blank">the blog post</a> at GoDaddy confirms that they were patching their servers with the fix for this vulnerability – looks like GoDaddy speaks about the custom SSL certificates provided in scope of their hosting service, but this still should be taken in account.</p><p></p><p>So, I’m taking down all the lists above to avoid the unintended confusion. Please do your own research – besides online checking (probably better with multiple tools), search for the official announcements of the corresponding registrar and contact customer support if still uncertain.</p></blockquote><p></p>
[QUOTE="vivid, post: 2199345, member: 135822"] mvl – Thanks, looks like the tool provided by Lastpass that I was using for this test is quite questionable. They seem to perform radical changes on the fly – I see some sites that were reported as _definitely_ vulnerable just yesterday are displayed as “Was vulnerable: No” today, e.g. Evernote. Also, while Lastpass tool states that DoDaddy uses Microsoft-IIS/7.0 as server software and was not vulnerable at all, [URL='http://godaddyblog.com/open-ssl-heartbleed-weve-patched-servers/']the blog post[/URL] at GoDaddy confirms that they were patching their servers with the fix for this vulnerability – looks like GoDaddy speaks about the custom SSL certificates provided in scope of their hosting service, but this still should be taken in account. So, I’m taking down all the lists above to avoid the unintended confusion. Please do your own research – besides online checking (probably better with multiple tools), search for the official announcements of the corresponding registrar and contact customer support if still uncertain. [/QUOTE]
Insert quotes…
Verification
Post reply
Forums
Domain Discussion
Domain Industry Companies
Heartbleed Vulnerability Of Registrars
Top
Bottom