Custom Websites
Self Managed Websites
Dedicated Website Hosting
Website Optimisation
Website Management Plans
SEO & SMO Packages
Content Writing
Graphic Design
About Us
Portfolio
Latest News
Get In Touch



POODLE – Not as friendly as you think.

by | Nov 13, 2014 | Latest News | 0 comments

This is not about “man’s woman’s best friend” it is to do with the POODLE Bleed security risk.

2014 has seen its fair share of Internet Security Threats. From Heartbleed that took the world by storm to the latest threat on the scene POODLE better known as POODLE Bleed by many.

POODLE stands for Padding Oracle On Downgraded Legacy Encryption. To many business owners who have a website – that means absolutely nothing, but to guys like us, Microsoft and the team over at Google who actually discovered this new vulnerability – it means that there is now a loophole in the web hosting servers that hosts your website which allows an attacker to identify and exploit.

This vulnerable area on the web hosting server controls your secure connection. Until now all data sent via this secure connection was encrypted/disguised so anybody trying to intercept it was unable to see anything but numbers and letters.

An example of data you would not like anybody to see as it is in transit from your website to the host server would be your username and password. When you login – those details are sent over the internet to a website file on your host server. The website file and it’s code checks the information submitted and allows access if details are correct.

With a vulnerable web hosting server and no secure methods in place like an SSL Certificate to make your site secure – then hackers can see everything and will use your site for their financial gain or satisfaction of stopping your business from trading efficiently with the added expense of resolving data issue’s/confidential security breaches.

What can businesses do to protect themselves?

The first thing you need to do is determine if your web hosting has any problems. To do this you can use the Online SSL Symantec ToolBox. Just type in your website address and click the check button.

Once you wait a minute or two and have your results all will either be o.k. or problems will be identified.

If problems are identified – then all is not lost.

You simply need to contact the person in charge of your web hosting and ask them to update the server to stop the POODLE SSL attack.

How long have businesses got to do this?

If you have a proactive web hosting company that you trust – then you shouldn’t have to worry about this. For those that don’t – then it’s estimated that you have a few months from now to resolve the issue.

Many major online payment processors like PayPal are sending out messages as we type that their deadline for using their service on web hosting that is seen with this vulnerable will end 3 December 2104 at 8:01 a.m. Greenwich Mean Time.

This means that running your website on a vulnerable web hosting server will not only cause security issues, but those selling products or services directly from their website will see a drop in revenue as their online processors begin to decline their payment transactions.

Our advice:
Resolve this now in advance and save yourself from a potentially painful experience.