Jump to content

Archived

This topic is now archived and is closed to further replies.

MDGarcia

Ad Astra & Heartbleed

Recommended Posts

Earlier this week (7 APR 2014), OpenSSL revealed a two-year old security exploit in serving secured data using their application. This exploit/bug made it possible for anyone to gain information about account information and more specifically passwords and password changes.  Luckily, Ad Astra has only utilized SSL since we moved to our new server last month, so we feel that our exposure is not as bad as most sites out there.

 

Over the course of this week, we moved quickly to patch to the fixed release, which was completed yesterday night.  Some of you were waiting to hear back on a support ticket regarding this issue, and this message will be posted in reply.  The only site affected by this were the forums and our email server. The main archive and blog sites were not affected, because they do not employ SSL at all.

 

To that end, we were recommending that if you have an account here on the Forums and should you have a trekfics.net or other hosted email address here at Ad Astra, you should change your password immediately.  Users who do not change their password are subject to an account hack.

 

Forums: https://forums.adastrafanfic.com/index.php?app=core&module=usercp&tab=core&area=email

Email: https://mail.trekfics.net/postfixadmin/users/login.php

 

Again, please do this now to ensure your account security.  If you have any questions, concerns, or are having a problem changing your password, please open a support ticket at http://support.adastrafanfic.com immediately. I will do my best to help you as quickly as possible.

 

Thanks,

 

MDg

Link to comment
Share on other sites

I am so damned irritated by this Heartbleed thing.  It is hard enough to keep track of passwords with my ADHD issues.  Now I have to remember a bunch of new ones.  Watch me lock myself out of everything.  Sigh.

 

Thanks for addressing this, Mike.

Link to comment
Share on other sites

I am so damned irritated by this Heartbleed thing.  It is hard enough to keep track of passwords with my ADHD issues.  Now I have to remember a bunch of new ones.  Watch me lock myself out of everything.  Sigh.

 

Thanks for addressing this, Mike.

Hah!  Already had to redo mine for this site.  Changed a bunch of others along with this one this morning and subsequently forgot it.  And I can't claim ADHD...old age, maybe?

Link to comment
Share on other sites



×