If you haven’t heard of Heartbleed by now, crawl out from underneath that rock, y’all. This post isn’t intended to give you the complete 411 on the Heartbleed bug–if you need more details, try Googling it! Instead, I want to take this time to inform you on how blog and small website owners may or may not be affected. Listen up, since some sources are reporting that Heartbleed affects over 2/3 of the Internet!
What Blogspot Users Need to Know
Blogspot is a Google service, and some of Google services were affected. Google quickly responded to the issue and has applied patches. Although Google says users do not need to change their passwords, change ’em anyway! The vulnerability was there at one time, so you’re better off safe than sorry.
What WordPress.com Users Need to Know
It is unclear if WordPress.com accounts were affected. As of right now, it looks as if wordpress.com is not vulnerable, but you should still change your password. Here are instructions.
What Self-Hosted WordPress Users Need to Know
Whether or not you have been affected or not vastly depends on your web host’s response to the issue (see “What Website Owners Need to Know” below). If the web host has applied proper patches–which they should have by now!–it’s a good idea to change your password (here’s how) and, as always, make sure your WordPress (and plugins) have been updated to the latest version.
What Domain Name Owners Need to Know
If you’ve purchased your own domain for your website, it’s very possible that the company you registered with was affected. For example, GoDaddy has responded to the threat by updating the servers they use, as well as their hosting accounts. Check with your domain registrar and if they have implemented the proper patches, change your password.
What Website Owners Need to Know
If you have a self-hosted WordPress site (or another type of site), you’ve purchased web hosting for it. Most web hosts appear to have applied proper patches by now (HostGator and BlueHost, for example, have been updated and are secure), and others are claiming they weren’t affected at all. Check with your web host for more details. If the security patches have been applied, it’s probably a good idea to reset your cPanel password (click me for details) as well as the passwords for anything you might have installed on your site (e.g. WordPress!). Also, I’d recommend changing the password for the actual account you have with your host (for billing purposes).
As mentioned earlier, this is definitely not a comprehensive post. For more information on services that were and were not affected, check out this post from Mashable. There are some major websites that were potentially affected, such as Facebook, Pinterest, Etsy, and Tumblr, and it’s advisable for you to investigate the issue and change passwords immediately.
Information on this issue is still very limited, and it’s quite unclear what exactly has and has not been affected by the bug. This isn’t the end of it–keep up on any new updates that come out regarding Heartbleed!
A side note for those who have purchased through our website: We are hosted with HostGator, whose servers have been patched, and always remain up-to-date with our WordPress and plugin versions. If you have an account with us because you purchased something, your password has automatically been reset. In addition, we don’t collect any personal information about you (except your name) and only accept payment through Paypal, which, officials say, was not affected.