Google reported in a blog post today the discovery of a security vulnerability with SSL version 3.0. Our engineers were notified of this vulnerability before the announcement was made public and have made the necessary changes to disable access to SSL 3.0 on our core infrastructure.
Unlike the HeartBleed vulnerability, most of our users will not be impacted from this change. However, those that are using outdated web browsers (Internet Explorer 6 for example) will be unable to connect securely to our control panel and website.
If you’re using an outdated web browser, simply download the updated versions or download newer clients such as Mozilla Firefox or Google Chrome. These browsers utilize an enhanced security protocol known as TLS, which has the ability to automatically update keeping you secure in the future.
SSL Version 3.0 will be disabled on Firefox on November 25, but you do not have to wait for this to be released. You can download a plugin that will allow you to set the minimum SSL version. If you’re using Internet Explorer, simply go to Settings -> Internet Options -> Advanced Tab -> Uncheck SSLv3 under Security.
Our system engineers are working to disable SSL version 3.0 across all of our servers. This will be done in segments to ensure there is no impact your websites.
You can learn more about this issue by reading Google’s report
As always, you’re more than welcome to contact our support if you have any questions and/or concerns.
