Site Security Changes that affect SSL, TLS, HTTPS and FTPS
In September of 2014 Google quietly announced that they would begin to sunset support for the SHA-1 cryptographic hash algorithm (read the announcement here
). Eventually this will happen across all we browsers. Because of this change in security we must adapt, therefore we have made changes to our servers which will affect your secure connections to our systems.
What we are doing:
- Following best practices,
- we have disabled SSL 1.0, SSL 2.0 and SSL 3.0.
- we have re-ordered the cipher suites on all of our systems to ensure that the most secure methods are chosen first
- we have tested the changes and verified that our servers pass all current security configurations for https and ftps.
- Our servers are monitored and patched daily for security vulnerabilities.
How this affects our customers:
- All sites that are secured with a site certificate now function without errors in Google Chrome. There was no effect on Mozilla Firefox, Internet Explorer, Safari or Opera.
- Certain file transfer and web editing software may no longer function properly. Some known issues are with FileZilla, WinSCP and ftp functions of Adobe Dreamweaver. We are recommending that customers use the freely available CoreFTP LE (http://coreftp.com) as their FTP client. Users of DreamWeaver should develop locally and then use CoreFTP LE to upload their files.
We apologize for any inconvenience you may be experiencing and want to assure you that we are doing everything we can to keep you sites, your customer data and our systems secure.
-- Holland Computers Web Hosting Team