The recent security vulnerabilities found in bash (shellshock) again have caused sleepless nights for many developers and sysadmins. We had similar issues last time when Heartbleed was found to be affecting many servers.
Reacting to a situation like this usually consists of three steps:
- Checking to see if you are affected
- Finding a way to fix the issue
- Rolling out the fix with minimum disruption
Am I affected?
This is the first step. It usually involves searching the net, reading forums and threads to find the most reliable way to check if a server or application is vulnerable to a specific threat.
How to fix it?
Once it is known that a server is vulnerable to a security issue, the next step is to find a fix. This usually involves finding the right patch for the OS, the fixed version of a component or gem.
How to roll it out?
Now that we know how to fix the issue, we need to find out how we can roll it out as quickly as possible with as little diruption to our customers.
How can Cloud 66 help?
Everyone who is deploying a Rails, Sinatra or Padrino stack on Cloud 66 benefits from automatic OS updates as well as an option to roll out fixes to more sever issues during deploy with "Apply Security Upgrades" option on the deploy menu.
Our StackScore also keeps monitoring your overall infrastructure setup as well as some parts of the app for known security issues.
OS level security monitoring
We are pleased to announce that from today we are also checking all Cloud 66 deployed servers for known security issues at the OS level (like Shellshock) regularly and will reflect the results in your Security StackScore. You will get an email when there is an issue and when automatic security upgrades fix the problem. So no more worries about the possibility of vulnerability and being unsure if a server is left behind.
OS level security monitoring is available to all Cloud 66 customers from today for free!
Stay secure and kepping rocking!