In light of recent events, where serious vulnerability in OpenSLL protocol was discovered (nicknamed “Heartbleed”), we would like to inform you that our servers and security hasn’t been breached and that your data is safe with us.
The Heartbleed Bug allows stealing the information protected by the SSL/TLS encryption used to secure the Internet. SSL/TLS provides communication security and privacy over the Internet for applications such as web, email, instant messaging (IM) and some virtual private networks (VPNs).
This allows attackers to eavesdrop on communications, steal data directly from the services and users and to impersonate services and users. It is assumed that 66% of all websites across the Internet are affected.
This bug has shown that in some cases usernames, passwords and other protective data entered on affected sites and services can be easily compromised.
ManageWP was developed with security in mind. No sensitive information about your sites is stored on the ManageWP server and you are never required to enter a password for any of your blogs. All operations are performed on your blogs directly as if you were logged into them. This is possible due to the Worker plugin installed on your sites. The installation process requires special care to ensure your sites are secure.
This means that by managing your sites through ManageWP you are not exposed to Heartbleed vulnerability while managing your sites even if your hosting server or website is not patched.
We encourage you to get informed on how we made our service secure by reading this post on ManageWP Blog. If you have any additional questions, feel free to contact our support team.
Chief Operating Officer