Thursday, October 23, 2014

Disabling SSL 3.0 Support for Accounts We Manage

Due to a critical security vulnerability with SSL 3.0 (an 18-year-old, outdated technology), we are disabling it on the following products:
  • Website Builder
  • Quick Shopping Cart
  • Shared hosting
  • Managed WordPress
  • Gateway-based VPS and Dedicated servers
  • Managed Hosting
  • Servers with Assisted Service Plan
It's important to note that this change does not require any action on your part.


How does this change affect me?

By removing SSL 3.0 support, we ensure websites hosted on your account remain immune against attackers trying to leverage the POODLE vulnerability. You can read more about the vulnerable component and what it means in Google's Online Security Blog.

If your website is protected with an SSL, removing SSL 3.0 support will prevent visitors using very outdated browsers from accessing secure content on your page. This will primarily affect Windows XP visitors using Internet Explorer 6, which Microsoft completely stopped supporting as of April 8, 2014.