Итак, я подумал, что, возможно, мне следует начать менять свои пароли, услышав все разговоры об ошибке Heartbleed. Однако потом я начал думать, какой смысл менять свой пароль на данном сайте, если он все еще уязвим для Heartbleed?
Итак, я думаю, что имеет смысл только изменить мой пароль на сайте, который больше не уязвим, но как я могу определить, в этом ли причина?
There is also a Chrome extension that checks visited sites for the vulnerability. For Firefox there is also an extension available.
If you are using LastPass, they will notify you as soon as the website is no longer affected by heartbleed and has changed the ssl certificates.
Just enter the website you want to check here.
This site tells you if the checked site is still vulnerable.
Someone has already posted the original heartbleed test website, and Filippo is awesome for open sourcing it so you should support him. We actually use part of his test code to power our site.
I worked with a team to setup a site that has a few more features than just seeing if the website is currently vulnerable. We stored the public key of all of the SSL certs of the top 1 million websites and are checking to see that they are changing their certs as well as if they are still vulnerable to heart bleed. We also have some stats on how many sites that we've tested are still vulnerable. Currently it's about 9%.
As like with Filippo's website you can test your own site to see if it's vulnerable. It is heartbleedstatus.com
(Discosure as stated above I was on the team to create this site.)