We won't go into the technicalities of the whys, whats and hows of Shellshock, suffice to say it is very serious and of not correctly managed by web hosting companies can expose the servers where websites are hosted to all manner of compromise.

At Tapiochre, we build websites which we host on servers at one of four hosting environments. We use different hosting sites to not only build some resilience into our service offerings, but also to accommodate specific requirements that particular companies provide in comparison to others. Also, from time to time, our customers will choose the hosting company for their websites before approaching Tapiochre.

We wish to reassure our web customers that we work closely with and monitor the way our hosting partner delivers their shared hosting services and below we outline how they are responding to the Shellshock issue.

Heart Internet

Heart Internet reports:

"We have kept on top of the exploit and security issues since the vulnerability was first highlighted earlier in the week within the Linux community. If you have a shared hosting account with us, you do not need to take any action.

All Heart Internet infrastructure and shared web hosting servers were patched on 24.09.2014 as soon as the initial vulnerability CVE-2014-6271 was announced.  Furthermore, all Heart Internet infrastructure and shared web hosting servers were patched on the morning of 26.09.2014  as soon as updates for CVE-2014-7169 were available.

Please rest assured that Heart Internet will be keeping even closer watch on the situation and will implement any further security patches as needed; any updates will be added to the bottom of their blog post at this link."