Shellshock or the Bash bug has hit the news as the latest bug affecting web servers the world over. What is it, how could it affect you and what can you do about it?
The Shellshock or Bash bug affects all Unix and Unix style operating systems, for example most flavours of Linux and Mac OS X.
Bash is a core module of Unix style operating systems and allows scripts (little mini programs) to be executed (run) on servers and systems.
The Shellshock bug allows hackers to embed code into requests for webpages and this code may be able to open up other services on the server to allow wider access for further malicious activity. The ramifications of this are extremely widespread because a very high percentage of web servers world wide run Linux operating systems.
Whilst there isn’t a full fix (at the time of writing) there is a temporary fix and the good news is that it’s really straight forward for web host managers and technicians to check their servers to see if they are vulnerable. The following article published by Digital Ocean describes all the technical details about the bug and how to check a server and apply the available fixes.
If you are at all concerned to know if the web server where your web site is hosted is vulnerable or not then forward the link above to the person who looks after your website for you.
To add piece of mind to any of our clients – we’ve checked all Juju Digital’s hosting platforms and non of our servers are vulnerable.