Is my site vulnerable?
My site is hosted on 18.104.22.168
Port 443 is open.
Still stopbleed reports any of following errors -
1. connection refused,
2. connection reset by peer,
3. i/o timeout
Thank you for great information and help. We appreciate it.
Typically default configurations of Windows do not include OpenSSL, and are not impacted by this vulnerability. Windows comes with its own encryption component called Secure Channel (a.k.a. SChannel), which is not susceptible to the Heartbleed vulnerability.
Windows that uses OpenSSL instead of SChannel (for example, running the Windows version of Apache), may be vulnerable.
If so, see here: http://www.kb.cert.org/vuls/id/720951
Okay, thank you very much for all the information.
Last question - our server is Windows server. Relating to your comment "..our server may be a windows server or blocking these kinds of checks, which would be a plus."
Does it mean our server is safe from Heartbleed vulnerability?
Setting up your server to allow for the test is not recommended. We would not know your server setup and do not recommend you open it up for the Heartbleed pulse test.
What do we need to do on server so that server accepts bug vulnerability test
443 port is open
These are not Errors, so there is nothing to Fix. Read the links in the first comment to see what they mean. Your server may be a windows server or blocking these kinds of checks, which would be a plus. There is a lot of information on Filippo's site about what the messages mean. They are coming from his testing site.
What do we do to solve these errors? please guide.