• Skip to primary navigation
  • Skip to content
  • Skip to primary sidebar
  • Skip to footer

Sucuri Blog

Website Security News

  • Products
    • Website Security Platform
    • Website Firewall (WAF)
    • Enterprise Website Security
    • Multisite Solutions
  • Features
    • Detection
    • Protection
    • Performance
    • Response
    • Backups
  • Partners
    • Agency Solutions
    • Partners
    • Referral Program
    • Ecommerce
  • Resources
    • Guides
    • Webinars
    • Infographics
    • SiteCheck
    • Reports
    • Email Courses
  • Immediate Help
  • Login
Compliance and Privacy Policy Updates

Sucuri Enhances Security by Disabling TLS Version 1.0 and 1.1

June 29, 2018Daniel CidEspanolPortugues

238
SHARES
FacebookTwitterSubscribe

Protecting our users’ information and privacy is extremely important to us. As a cloud-based security service, we are fully committed to complying with the PCI Data Security Standards (PCI DSS) requirements. That is why Sucuri disabled support for TLS version 1.0 and 1.1 to our WAF/CDN edge nodes on June 28, 2018.

What Is TLS?

Transport Layer Security (TLS) is a cryptographic protocol used to enhance the security of a communication channel by encrypting the traffic between the parties involved. Websites use TLS to encrypt the traffic between the web server and the web browser. Giving the assurances to the browser that they are talking to the right server and that the data is not being modified or eavesdropped.

Secure Sockets Layer (SSL) is an older version of TLS which is now deprecated by the Internet Engineering Task Force. People still refer to SSL and TLS interchangeably.

Why Disable Early SSL/TLS Versions?

The PCI Security Standards Council recommends using TLS 1.2 in order to meet the PCI Data Security Standard (PCI DSS) for safeguarding payment data. The deadline for disabling SSL/early TLS is June 30, 2018. The goal is to implement a more secure encryption protocol with TLS 1.2 or higher.

As a website security company, we are happy to implement any changes that make the internet safer. We believe that using a more secure encryption protocol is a very good security improvement.

Sucuri Deprecates TLS 1.0 and 1.1

Security is the very center of Sucuri’s vision. Because of this, we employ cutting-edge encryption and technologies to safeguard the integrity and availability of our systems.

Our globally distributed team has worked meticulously to ensure that Sucuri’s products and services satisfy these new regulations. In order to comply with the new requirements, we have disabled support for TLS v1.0 and v1.1 on our WAF/CDN edge servers.

Do You Need to Do Anything?

Actually, as a Sucuri customer or a visitor, you don’t need to be concerned with these changes.

Most web browsers support TLS 1.2.

With the exception of Internet Explorer (IE), the vast majority of the browsers have already been supporting TLS 1.2 for a while. IE versions 8 to 10 actually support TLS 1.2; however, you need to enable it. You can follow these instructions to do it:

  • Navigate to Tools,
  • Click on Internet Options,
  • Select Advanced,
  • Enable the Use of TLS 1.2.

IE version 7 and older do not support TLS 1.2.

The only issue we foresee is that very old Internet Explorer (IE) versions might not be able to access our website. In this case, users can install a newer browser or update IE if possible, as described above.

Conclusion

Sucuri is always focused on enhancing internet safety. TLS 1.0 and 1.1 will be officially deprecated on June 30, 2018.

We have already disabled support for TLSv1.0 on our WAF/CDN edge servers to be in compliance with the newest PCI Standards requirements. Please let us know if you have further questions.

238
SHARES
FacebookTwitterSubscribe

Categories: Ecommerce Security, Security Advisory, Sucuri Updates, Website SecurityTags: Encryption, HTTP/HTTPS, PCI Compliance

About Daniel Cid

Daniel B. Cid is Founder of Sucuri and the VP of Engineering for the GoDaddy Security Products group. He is also the founder of OSSEC and CleanBrowsing. You can find more about Daniel on his site dcid.me or on Twitter: @danielcid

Reader Interactions

Primary Sidebar

Socialize With Sucuri

We're actively engaged across multiple platforms. Follow us and let's connect!

  • Facebook
  • Twitter
  • LinkedIn
  • YouTube
  • Instagram
  • RSS Feed

Getting Started with Sucuri Webinar

PCI Compliance Guide

Getting Started with Sucuri Guide

Join Over 20,000 Subscribers!

Footer

Products

  • Website Firewall
  • Website AntiVirus
  • Website Backups
  • WordPress Security
  • Enterprise Services

Solutions

  • DDos Protection
  • Malware Detection
  • Malware Removal
  • Malware Prevention
  • Blacklist Removal

Support

  • Blog
  • Knowledge Base
  • SiteCheck
  • Research Labs
  • FAQ

Company

  • About
  • Media
  • Events
  • Employment
  • Contact
  • Testimonials
  • Facebook
  • Twitter
  • LinkedIn
  • Instagram

Customer Login

Sucuri Home

  • Terms of Use
  • Privacy Policy
  • Frequently Asked Questions

© 2022 Sucuri Inc. All rights reserved

Sucuri Cookie Policy
See our policy>>

Our website uses cookies, which help us to improve our site and enables us to deliver the best possible service and customer experience.