Membership is FREE, giving all registered users unlimited access to every DNForum feature, resource, and tool! Optional membership upgrades unlock exclusive benefits like profile signatures with links, banner placements, appearances in the weekly newsletter, and much more - customized to your membership level!

Reply to thread

Message

mvl – Thanks, looks like the tool provided by Lastpass that I was using for this test is quite questionable. They seem to perform radical changes on the fly – I see some sites that were reported as _definitely_ vulnerable just yesterday are displayed as “Was vulnerable: No” today, e.g. Evernote.

Also, while Lastpass tool states that DoDaddy uses Microsoft-IIS/7.0 as server software and was not vulnerable at all, the blog post at GoDaddy confirms that they were patching their servers with the fix for this vulnerability – looks like GoDaddy speaks about the custom SSL certificates provided in scope of their hosting service, but this still should be taken in account.

So, I’m taking down all the lists above to avoid the unintended confusion. Please do your own research – besides online checking (probably better with multiple tools), search for the official announcements of the corresponding registrar and contact customer support if still uncertain.

<blockquote data-quote="vivid" data-source="post: 2199345" data-attributes="member: 135822">mvl – Thanks, looks like the tool provided by Lastpass that I was using for this test is quite questionable. They seem to perform radical changes on the fly – I see some sites that were reported as _definitely_ vulnerable just yesterday are displayed as “Was vulnerable: No” today, e.g. Evernote.Also, while Lastpass tool states that DoDaddy uses Microsoft-IIS/7.0 as server software and was not vulnerable at all, <a href="http://godaddyblog.com/open-ssl-heartbleed-weve-patched-servers/" target="_blank">the blog post</a> at GoDaddy confirms that they were patching their servers with the fix for this vulnerability – looks like GoDaddy speaks about the custom SSL certificates provided in scope of their hosting service, but this still should be taken in account.So, I’m taking down all the lists above to avoid the unintended confusion. Please do your own research – besides online checking (probably better with multiple tools), search for the official announcements of the corresponding registrar and contact customer support if still uncertain.</blockquote>

[QUOTE="vivid, post: 2199345, member: 135822"] mvl – Thanks, looks like the tool provided by Lastpass that I was using for this test is quite questionable. They seem to perform radical changes on the fly – I see some sites that were reported as _definitely_ vulnerable just yesterday are displayed as “Was vulnerable: No” today, e.g. Evernote. Also, while Lastpass tool states that DoDaddy uses Microsoft-IIS/7.0 as server software and was not vulnerable at all, [URL='http://godaddyblog.com/open-ssl-heartbleed-weve-patched-servers/']the blog post[/URL] at GoDaddy confirms that they were patching their servers with the fix for this vulnerability – looks like GoDaddy speaks about the custom SSL certificates provided in scope of their hosting service, but this still should be taken in account. So, I’m taking down all the lists above to avoid the unintended confusion. Please do your own research – besides online checking (probably better with multiple tools), search for the official announcements of the corresponding registrar and contact customer support if still uncertain. [/QUOTE]

Verification