Heartbleed, OpenSSL and upgrading Apache & Ubuntu all at once

Or, how to unintentionally make an afternoon for yourself. Jeez.

The HeartBleed bug in OpenSSL is a pretty big deal. If you manage your own server and use secure connections for anything you should really update it. I like Marco's write-up on this best, and he links to some good resources for testing SSL connections in general.

I have two servers with projects that make use of SSL for processing payments and login info. They're all extremely low-traffic but it seemed negligent not to address the issue when I knew the versions of OpenSSL contained this bug. God knows what possessed me, but I decided to upgrade Ubuntu and Apache while I did this too — basically upgrade everything all at once, something I'd been putting off for a long time.

Pro tip: don't. I spent the past couple hours tracking down every little server configuration that needed to be changed, removed or otherwise renamed in upgrading Apache from 2.2 to 2.4. If I didn't have WordPress projects relying on it I might've abandoned it and gone with nginx or lighttpd or something. Ultimately there were three big changes that needed to be made:

Three little things but tacking them down when all of the error message were previously getting dumped into the same log file was... a chore. Yikes.

I need some yoga.

Find a typo?


More Things Written

» April 7, 2014
» April 9, 2014