Information about the Heartbleed Bug SSL security exploit

You may have heard stories in the news about the Heartbleed SSL security exploit.  This story relates to a vulnerability in a security library called OpenSSL that is used on many websites to help protect data that is transmitted between your browser and the web server.

We have checked our systems and we can confirm that we do not install OpenSSL on any of our servers by default, and we do not install it on any system that we manage.  That means that if your server or VPS is managed by us (this includes all shared hosting) then these systems are not affected by this security exploit and are not vulnerable.

Self-Managed Servers and VPSs
If you have a self-managed server or VPS, we do not control the software you instal on your system.  If you have installed an affected version of OpenSSL (version 1.0.1 and OpenSSL Beta 1.0.2) then you must upgrade this to the latest version.  If you have installed any software that uses this library you should request an update from the software developer immediately.

More Information
More information can be found on the GlobalSign blog if you think you may be affected.