Cart66: The Heartbleed Bug and How it Affects You

Wordpress Ecommerce

Its well known, that an Internet-wide security threat emerged a few days ago called the Heartbleed bug. Online security is a topic that we take very seriously. Once we learned about this issue we addressed it immediately and we’ve compiled this list of questions and answers to help you understand the Heartbleed bug, let you know what we’ve done to address it and let you know what you can do to protect your private information.

What is the heartbleed bug?

The Heartbleed bug is a serious vulnerability in the popular OpenSSL cryptographic software library used to secure information traffic across much of the Internet. Because the vulnerability itself could leak/bleed information and it involved the Heartbeat function of OpenSSL, the vulnerability was nicknamed “Heartbleed.” This weakness allows hackers to steal information normally protected by the SSL/TLS encryption used to secure the Internet. SSL/TLS provides communication security and privacy over the Internet for applications such as web, email, instant messaging and some virtual private networks. This compromises the secret keys used to identify the service providers and to encrypt the traffic, the names and passwords of the users and the actual content which allows attackers to eavesdrop on communications, steal data directly from the services and users and to impersonate services and users.

What is being done?

This vulnerability was assigned an identifier of CVE-2014-0160 and was quickly patched by the maintainers of OpenSSL. That patch was made publicly available and service providers across the globe, including Cart66, have already patched, tested, and verified all systems are secured. All necessary SSL certificates have been rekeyed as well.

The security of our customers is a top priority. We began addressing this issue immediately upon disclosure and have successfully applied patches to all of our servers. The likelihood that private information was compromised is very minimal due to the lack of a public exploit at the time of the disclosure. As always, we will continue to work to protect the security of our customers and their data.

Is my account vulnerable?

There was a period when anyone relying on OpenSSL was vulnerable. Upon disclosure of the vulnerability, we immediately patched all of our servers. At this time, our servers and your accounts are not vulnerable and information is secure.

Was my security, password or privacy compromised?

There was a period when anyone relying on OpenSSL was vulnerable. Upon disclosure of the vulnerability, we immediately patched our entire platform. The likelihood that your private keys were compromised is minimal due to the lack of a public exploit at the time of the disclosure. If you are concerned, you are welcome to change your password. If you do change your password, consider that this vulnerability existed across the majority of the Internet and password changes should be done anywhere you store sensitive information.

Where can I learn more about Heartbleed?

For more details about the Heartbleed bug, please visit heartbleed.com.

WooCommerce vs Cart66

WooCommerce vs Cart66

WooCommerce and Cart66 are both e-commerce solutions for WordPress. In this article we’ll talk about the similarities and differences between WooCommerce and its marketplace of WordPress plugins versus the suite of services and e-commerce features you get with Cart66.

Read More

Shopify vs WordPress For E-commerce

banner-post4

Historically there has been a big difference between Shopify and other hosted solutions and WordPress when it comes to e-commerce. With WordPress it was up to you to install your own SSL certificates and worry about PCI compliance. Then you try to find and assemble a bunch of different WordPress plugins to get all the features you need for your store while hoping that all the plugins work properly together and all the different plugin authors keep their plugins up to date. Cart66 Cloud solves these problems letting you harness all the power of WordPress to design your store while giving you a rock solid, secure, e-commerce platform that includes everything you need in one easy to use package.

Read More

Finding Good Web Hosting

Finding Good Web Hosting

If you are going to run an online store, you have to have a good web host. There are several things you want to look for in a good host, and popularity is not the number one criteria. In this article we’ll look at some of the key things you want to look for in a good web host.

Read More

Payment Gateway vs Merchant Account

banner-post1

If you want to sell something online you need both a payment gateway and a merchant account. But, do you know the difference between a payment gateway and a merchant account? If you don’t, setting up an e-commerce website can get confusing and you could get hit with unexpected fees.

Read More

Understand Choice To Increase Sales

Understand Choice To Increase Sales

It seems like giving your customers lots of choices would be a good thing. The more choices, the more likely they are to find exactly what they are looking for right? It turns out that too many choices actually results in fewer sales. In this article, we’ll talk about why too many choices is a bad thing and how you can increase conversion rates by reducing choices.

Read More