Our response to Heartbleed
source link: https://blog.appsignal.com/2014/04/11/heartbleed.html
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.
Our response to Heartbleed
Thijs Cadier on Apr 11, 2014
“I absolutely love AppSignal.”
Discover AppSignal
This week, a serious security leak in OpenSSL came to light. The leak – named Heartbleed – also made AppSignal vulnerable. We have taken the following steps to secure our systems:
We immediately patched all our systems to use a version of OpenSSL with a fix for Heartbleed on Tuesday. This includes both our loadbalancers and Ruby installs.
We changed our SSL keys and reissued our certificates.
We replaced API tokens for external services we use.
We set a new session secret so all users have had to log in again.
We advise our users to change their password, user API token and Github credentials on AppSignal. We have no evidence of any malicious activity, but better safe than sorry. If any new information becomes available we will post it here and on our Twitter feed.
Recommend
About Joyk
Aggregate valuable and interesting links.
Joyk means Joy of geeK