Thank you for this info!
Maybe I'm not well informed, but this makes me curious. How can it tell if it's affected by heartbleed by its URL?
Thanks for the article, Paul. I was a bit leery of installing it but finally did. The results don't show up instantly and sometimes seemed to take a long time to register. Not sure how accurate this thing is but I used it to check my usual favorite websites (they all passed). Probably will use it for a few days and then disable it.
It works by attempting to gain access to the website in question by using the "heartbleed bug". If it gets through it will notify you that the website is not protected against this attack.
So it lets you know, by actually performing the attack. It uses the same process as found here.
Shouldn't it be OpenSSL and not OpenSSH?
Thank the maker! This oil bath is going to feel so good.