A vulnerability in OpenSSL named CVE-2014-0224 has recently been exposed. The Modulus load balancers are not affected by this vulnerability. Customers with dedicated SSL terminators were affected but have all been updated to the latest version of OpenSSL which includes the patch for this flaw.
On Monday April 7th, OpenSSL Project announced a major security vulnerability, Heartbleed (CVE-2014-0160). This flaw allowed for unapproved access to sensitive data on servers. We're happy to say that our public platform and websites were not affected by this issue. However, there were a few dedicated SSL terminators that were affected. These have been updated and fixed.
Basic authentication can be a quick and efficient way to protect your content. Combined with SSL it’s also very secure. This article describes how to add basic authentication to a Node.js Express application.
Modulus interviews Adam Baldwin from the Node security project and &yet.