openSSL version? Does it need to be the latest?

cornnfedd

Captain Futurama
Joined
Aug 12, 2006
Messages
1,060
To pre-empt, I know nothing about openSLL versions or even what it does.

I was watching a video and comparing setup of server to my own (in xenforo) I have version OpenSSL 1.0.2k 26 Jan 2017

The video I was watching had 1.1.1 from April 2020...

Do I need to tell my host to update?
 

\o/

an oddity
Joined
Apr 30, 2018
Messages
227
OpenSSL is the technique that keeps encrypted data on your server encrypted. If you don’t update it, your server will leak sensitive data some day.

I warmly recommend to read about the Heartbleed bug:

Including this explanation:

Heartbleed might be fixed, but there might be another Heartbleed some day.
So, yes, you should update as soon as possible.
 

mysiteguy

Migration Expert
Joined
Feb 20, 2007
Messages
3,156
To pre-empt, I know nothing about openSLL versions or even what it does.

I was watching a video and comparing setup of server to my own (in xenforo) I have version OpenSSL 1.0.2k 26 Jan 2017

The video I was watching had 1.1.1 from April 2020...

Do I need to tell my host to update?

Its not always as easy as asking your host to update.

Various versions of Linux have support for different max versions of SSL as their max version.

So don't always expect any update to get you to the latest version. For instance if you want version 1.1.1 you'll need Centos 8.x, but most hosting companies are still on 7.x.

Having said that, if your host is on 7.x then rest assured that Red Hat (the upstream of Centos) backports security patches into older versions of software, and will continue to do so until June 2024. If it's Centos 6.x then your bigger concern should be getting off that server completely, since official security support ended November 2020.
 

cornnfedd

Captain Futurama
Joined
Aug 12, 2006
Messages
1,060
Thank you for the info, ive got some reading to do.

On another note how to work out what linux / centos version I have, can this been done in cpanel?

Or is it in here?

(Also xenforo says 7.3.8 but here listed below its lower?)
 

Attachments

  • server1.JPG
    server1.JPG
    51.4 KB · Views: 9

mysiteguy

Migration Expert
Joined
Feb 20, 2007
Messages
3,156
That screen capture where it shows the kernel version, it shows you're on CentOS 7.x. The EL7 portion of this line stands for Enterprise Linux 7. CentOS is the open source version of Redhat Enterprise Linux 7.
 
Top