Cloudbleed Vulnerability

WPMU and EduBlogs are listed as sites affected by the recently discovered Cloudbleed leak: https://github.com/pirate/sites-using-cloudflare

I assume users should immediately change their passwords? ...and API keys?

Do you guys have any plans to support 2FA on these accounts so that if/when these types of things happen there is another layer of security to protect accounts?

Thanks

  • Adam Czajczyk

    Hello Rone,

    I hope you're well today and thank you for your question!

    The Cloudflare case is quite a "big thing" indeed. In fact it's not that WPMU and EduBlogs were affected but all the sites all over the web that are using CloudFlare. Our admins (both WPMU DEV and EduBlogs) had made some changes to protect us and our Members from that CloudFlare leek so we should be safe now.

    You may however want to change your password "just to be sure". As they say: it's better to be safe than sorry :slight_smile:

    As for two factor auth. I'm not able to tell you if and if so when we are going to implement it. There are some technical reasons for that platform's auth working the way it is now but our CTO just told me that he may be looking into it in future so I suppose that may be implemented at some point.

    If you have any additional questions, let me know please.

    Best regards,
    Adam

Thank NAME, for their help.

Let NAME know exactly why they deserved these points.

Gift a custom amount of points.