Skip to main content

*** Storefront Checkout is Temporarily Closed - Wish Lists Available ***

Due to a prolonged Physical Injury recovery, Our Store will experience periodic (sometimes prolonged) Checkout Closures

STORE CLOSING - Storewide Clearance Sale - Items marked 'Special Buy, Closeout, Clearance, Final Sale' are not Returnable or Refundable

HeartBleed and Four Corners USA OnLine

HeartBleed and Four Corners USA OnLine

Posted by Four Corners USA OnLine on 10th Apr 2014

HeartBleed OpenSSL Bug

FourCornersUSAonLine Heartbleed Tested and Verified Safe Site

We take Security very seriously. Upon announcement of the recent HeartBleed OpenSSL Bug, we took immediate action to provide you information regarding our Secure Network and testing of our Website.

HeartBleedSSLWebsiteTestApril112014

All our Private and Secure Pages are through the advanced security of BigCommerce and all Security Certificates are issued to them on our behalf, monitored and tested regularly. The URL you see above 'store-bhi33w.mybigcommerce.com' is our unique relative URL path for the domain name 'stores.fourcornersusaonline.com' which is what you see upon Creating an Account or at Checkout whenever 'https' is present indicating a Secure connection.

For your Convenience we have linked the image above (opening in a separate window/tab) to the test site which also contains additional information and links pertaining to this threat.

For you own protection, you should also research this issue as there are many well known companies that have been affected. Here is a link to 'Mashable' which is providing (and will continue to update) a list of currently affected websites:

http://mashable.com/2014/04/09/heartbleed-bug-websites-affected/

OpenSSL versus Shared SSL

What is the difference between 'OpenSSL' and 'Shared SSL'? All this terminiology can be very confusing but hopefully this will assist you in understanding. 'OpenSSL' is similar to 'OpenSource' which many folks use for software similar to Microsoft Excel etc. It is software compiled by 'contributors' (technically savy, of course) and like a 'think tank' for software advancement without being reliant on major companies. (when using any type of 'Open Source' products, as a precaution you should always scan the download with your anti-virus program).

The 'OpenSSL Project' is a collaborative effort of developing a robust SSL (these developments do go through scrutiny and testing within the group). Apparently (from what I have learned), there was an 'added feature' to the already tested software which created this 'unexpected consequence' and potential breach.

'Shared SSL' is the coverage of various websites under one 'Secure Sockets Layer' for your secure pages for which the highest level security can be provided at the Server.

All Rights Reserved Four Corners USA OnLine


!