This website uses cookies. Accept Cookies Find out more

The Road Ahead

26 Mar 2020
 by Alexander John in Maintenance, Security, Web Hosting
Length: 1 minute, 7 seconds (224 words)

We have removed support for TLS 1.0 and TLS 1.1 from our servers with immediate effect (16:00, 26th March 2020). This has been done to enhance the security of our services and is accordance with best practices as outlined in IETF RFC 7525. TLS 1.0 and 1.1 have known security issues and there are no fixes or patches available.

If you are using a certificate based on either of these protocols, you must update them with a TLS 1.2+ certificate immediately. If you are, or wish to be, PCI-DSS compliant, you should adopt TLS 1.2+.

Most mainstream web browsers will cease support for TLS 1.0 and TLS 1.2 in the first half of 2020. Approximate deadlines are:

  • Microsoft IE & Edge - first half of 2020
  • Mozilla Firefox - March 2020
  • Safari/WebKit - March 2020
  • Google Chrome - January 2020

Most web browsers will issue a security warning if you attempt to connect to a website using either TLS 1.0 or TLS 1.1. To ensure you receive the best possible protection, we advise you to upgrade your web browser to the latest version. Most web browsers will do this automatically.

Let's Encrypt / SSLForFree Certificates

All free certificates generated through our hosting control panel since the beginning of March have been TLS 1.2+.

15 Jul 2015
 by Alexander John in WebFileManager
Length: 44 seconds (147 words)

In response to yet another set of serious security vulnerabilities, Mozilla has blocked the Adobe Flash plugin from working in its' Firefox web browser. This block will remain in place until Adobe releases a version of Flash that fixes these vulnerabilities. Adobe has already patched one of these flaws and the other two are due to addressed this week.

Firefox users are still able to use Flash, but they will have to manually activate each Flash App. Mozilla has also released instructions on how to adjust Firefox's settings to that Flash will only run upon a direct request from the user.

How does this affect Calzada products?

Adobe Flash is only found in WebFileManager where it is used by the file uploader component, Plupload. Most users will not be affected as Plupload only uses the Flash runtime if your browser does not support HTML5.

01 May 2014
 by Alexander John in Email, Help & Support, Maintenance
Length: 1 minute, 2 seconds (207 words)

Last night, we performed maintenance and upgrade to our core mail services. As a result, there are some changes to our mail services.

Service Upgrade

The core part of the work undertaken last night was the upgrading the software of our mail servers. The software upgrade was successful and all mail services resumed normal operation at around 23:00 last night.

E-mail Virus Scanning

All messages that pass through our servers are automatically scanned for viruses. Any message that contains in which a virus is detected is automatically deleted. We cannot guarantee our virus scanning to be foolproof, so we alway recommend that all of our customer utilises Antivirus protection on their computers as well.

Blocked E-mail Attachments

We automatically block e-mail attachments with particular filename extensions. In most cases, the blocked extensions are files that can cause harm if they are opened or downloaded. We've recently updated and expanded the list of blocked file extensions which take immediate effect.

Forthcoming Work

In the near future (date to be decided), we will be upgrading our webmail software. As with nearly all software upgrades there will be a short period period when webmail will be offline as we switch to the new software.

11 Apr 2014
 by Alexander John
Length: 1 minute, 45 seconds (351 words)

There has been a lot of widespread attention to the Heartbleed vulnerabilty in OpenSSL. Unfortunately, some mainstream news outlets have over-simplified descriptions of Heartbleed that imply it is a pandemic vulnerability. It is not.

We are not impacted by the vulnerability as we do not use OpenSSL. All of our SSL services are delivered using Microsoft technologies that are not impacted by the OpenSSL vulnerability. Additionally, Microsoft has issued a statement stating that the implementation of SSL within Windows is not impacted either.

Although we are not directly impacted, we do recommend that our customers follow the general advice of changing their passwords of all online accounts. Many of our customers use the same username/password combination for all online accounts, and it would only take one of these online services to be exploited for their passwords to be potentially exposed.

That said, there is an argument against changing the password of an online account until that service has been patched or updated with a fix to Heartbleed. Otherwise, you might run this risk of either having to change the password twice, or even more worrying, your new password being potentially exposed.

There are a couple of online tools available to check whether a site is vulnerable to Heartbleed.

Caution: As some technical news sites have noted, using these test tools may be illegal under both UK and US law. Our advice is only to use them if you have permission and/or you are testing your own systems.

A final note: this vulnerability is not restricted to websites. OpenSSL is used in a multitude of applications from VPNs to firewalls to embedded systems. Even though its' existence has been known for 2 years, corrective patches and their installation may not occur immediately.

Changing your Calzada account password

If any customers wish to change their Calzada Media account password, this may be done through My Account. Click on the Account Security tab to access the change password facility.

Updated 19:05 11/04/2014

Additional note about legal implications of testing.

The Road Ahead
News, updates and thoughts from Calzada Media

» Read blog

Recent Posts
 Loading ...