At FullHost we are always committed to the highest and latest security standards. We want you to feel confident that we are protecting the privacy of your information.
To meet the latest PCI Data Security Standards (PCI DSS), we have fully disabled TLS version 1.0 and 1.1 on all servers we manage. This includes our Shared and Enterprise Hosting, Reseller Hosting, WordPress Hosting, Email Hosting, and any Virtual or Dedicated server that is managed by us. Additionally, our own Client Portal and website have had previous versions of TLS disabled.
What is TLS?
Transport Layer Security (TLS) is a successor protocol to SSL (Secure Sockets Layer). For those familiar with that terminology, TLS is an updated and more secure version of SSL. While these terminologies are still used interchangeably, TLS is what is commonly used today to secure and encrypt communication between two parties, such as between a web server and browser. Whenever you are submitting any personal data, such as credit card or other personal information, TLS is what ensures to you that the information you enter in your browser is communicating to the correct server and is not being intercepted, modified, or simply eavesdropped on.
What do I need to do?
TLS 1.2 is not a new protocol and was defined in August of 2008 (https://tools.ietf.org/html/rfc5246). As a result, most web browsers natively support TLS 1.2 so there should be no action required by you and this should not affect you.
For those that use Internet Explorer, versions 8 to 10 support TLS 1.2 but it may need to be enabled manually.
You can enable TLS 1.2 by going to Tools > Internet Options > Advanced > Enable the Use of TLS 1.2
For older versions of IE they do not support TLS 1.2.
Why are you disabling older versions of TLS?
Using the most up to date and advanced encryption protocols provides you and your customers the peace of mind that data transmitted between you is done securely.
The PCI Security Standards Council recommends using TLS 1.2 in order to meet the PCI Data Security Standard (PCI DSS) for safeguarding payment data and had set a deadline to have earlier versions of TLS and SSL disabled by June 30th, 2018.