Browser extensions to warn you of Heartbleed affected websites

Just two days back we informed you about the dangerous Heartbleed bug that poses a major threat to all the websites on the Internet, especially those who deal with the commercial transactions. Using this bug the hackers can sneak into the websites and gain sensitive information of its users such as credit card details, personal information and much more.

Though major websites and services like Google, Yahoo, Bing, Microsoft Azure, Office 365, Yammer,  Skype have taken steps to ensure that they are protected against this dangerous bug, the threat still looms big as there are many websites that have not taken any protective measures and are likely to be targeted.

While web hosts and websites fix this problem, the process may actually take some time to complete. Changing passwords to keep yourself away from vulnerability is actually a good ploy, however the truth is that it may actually be not enough because if a site has the bug then it has already leaked into the software used by that site. Hence, your new password is exposed to the hacker as earlier your old password was.

Hence, changing the password would be effective only when the website you are using has fixed the site.

In such a scenario, the easiest way is to use Browser extensions to protect yourself from Heartbleed affected websites.

Chromebleed for Chrome Browser

If you are using Chrome browser then one of the easiest way to protect yourself from Heartbleed Bug is to install Chromebleed add-on.  Once installed, this add-on display a warning if the site you are browsing is affected by the Heartbleed bug.

Browser extensions to protect yourself from Heartbleed affected websites

Chromebleed uses a web service developed by Filippo Valsorda and checks the URL of the page you have just loaded. If it is affected by Heartbleed, then a Chrome notification will be displayed. Click here for installing Chromebleed.

FoxBleed add-on for Firefox

Firefox users can use FoxBleed add-on that works similar to the Chromebleed. It achieves this by automatically checking the websites you are visiting whether they are affected by the HeartBleed Vulnerability and notifies you in case they are.




The checking process is given below

  • When visiting a vulnerable website for the first time of the current browser session, a new tab with the corresponding “”-site is opened
  • Indicates exposure to the vulnerability with a filled HeartBleed icon in the bottom right corner
  • Checks each domain name only once per browser session

Heartbleed-Ext add-on for Firefox


Heartbleed-Ext  uses a web service developed by Filippo Valsorda and checks the URL of the page you have just loaded. If it is affected, a Firefox notification will be displayed. It’s as simple as that GREEN = GOOD and RED = BAD.

Heartbleed Notifier and Heartbleed Monitor are some other add-ons available for Firefox.


These browser extensions may give out false positives. Before you do any commercial transactions on the web, please ensure that the website is safe. Checking the health of the website before you visit, can be a good idea. Just do a Heartbleed test as below.


To carry out the test visit this website created by Filippo Valsorda. Just enter the URL of the website you want to visit and see the results.

Thanks for the heads up, Dan. Your tips give us many ideas for such posts.

UPDATE: You might want to also check out Netcraft Extension as it offers Heartbleed and phishing protection for Opera, Firefox and Chrome browsers.

Posted by on , in Category Security with Tags
Ankit Gupta is an Engineering graduate and an MBA post graduate. He brings with himself 5 years plus global writing experience on technology, travel & finance. Apart from having a great interest in following Microsoft, he also has a deep liking for wild life and travels to various wildlife conservatories to be with nature. He suggests that you always create a System Restore Point first before installing a new software, and be careful about any third-party offers while installing freeware.