Recent Posts

    Authors

    Published

    Tag Cloud

    SSL

    Upgraded the default site SSL to get an A+ grade

    dropped support for SSL IE7 and below

    Overview

    The default SSL handler for the hosted sites has been upgraded to include "perfect forward secrecy" and we have dropped support for the weaker SSL ciphers. 

    The drop of the weaker SSL ciphers means old browsers such as Windows XP IE7 will no longer be able to connect via HTTPS. IE7 will still be able to connect to the non-encrypted HTTP sites or alternatively Windows XP users can use more modern browsers Chrome or Firefox. 

    HTTP Strict Transport Security (HSTS) has been enabled by default, HSTS prevents downgrading to HTTP ( non-secure mode).

    SSL Report: stsoftware.com.au