Recent Posts

    Authors

    Published

    Tag Cloud

    301 302 404 accessibility accounts ACLs advertising aggregation Agile Analytics android APP Article attachments awards backup BCM beta browser business continuity Calendar case-study categories Chrome citigroup cms codes coding standards Complaints contact management software control panel crm CSS customer management software customer relationship system customize database DataModel DDoS demo design designer device compatibility difference distribute a published article via email DND DNS documents drag & drop Editor email EOL erp event Excel featured feeds file manager file sharing file volume Firefox Firewall HA hack Handlebar how-to HTML HTML5 HTTP HTTPS iCal IE Instructions intranet iOS iPad Java JavaScript JDBC JDK Jenkins Job Track Journal JSON JVM landing-page launcher layered database layout logging login mac marketing menu meta Microsoft Outlook mobile module modules mustache navigation NTLM offline page painter password passwords PCI policy poll pricing privacy PROXY publish publisher publsher PWA redirect Redundancy release release-notes Report Tool Reports Responsive ReST RESTFul Rich text RSS Safari sandbox sanity schedule scrum search security SEO sessions setup shipping site builder source spell SQL Injection SSL SSO standards store stSoftware support survey Swagger Task template testimonial Threads timezone tinyMCE Transaction Search trigger twitter twitter bootstrap Ubuntu unit tests unsubscribe URL validation WC3 AAA web folders web services webdav windows 8 wizard workflow WYSIWYG XLS XLST XML XPath XSS

    Upgraded the default site SSL to get an A+ grade

    dropped support for SSL IE7 and below

    Overview

    The default SSL handler for the hosted sites has been upgraded to include "perfect forward secrecy" and we have dropped support for the weaker SSL ciphers. 

    The drop of the weaker SSL ciphers means old browsers such as Windows XP IE7 will no longer be able to connect via HTTPS. IE7 will still be able to connect to the non-encrypted HTTP sites or alternatively Windows XP users can use more modern browsers Chrome or Firefox. 

    HTTP Strict Transport Security (HSTS) has been enabled by default, HSTS prevents downgrading to HTTP ( non-secure mode).

    SSL Report: stsoftware.com.au