Support for TLS 1.0 ending
Scheduled for Apr 13, 21:00 - 21:15 BST
Scheduled
** What is happening? **

FLG will stop supporting TLS 1.0. From this time, any request to FLG using TLS 1.0 will fail.

** What is TLS 1.0? **

TLS stands for Transport Layer Security. TLS is a cryptographic protocol that provides authentication and data encryption between different endpoints (for instance, a client connecting to a web server). New versions of TLS have been released to address vulnerabilities and support the strongest and most secure cipher suites and algorithms.

** Why are you doing this? **

It is best practice to configure all systems communicating with FLG to support the latest protocol version possible. We currently support TLS 1.2. Continuing to support old versions of the protocol can leave you vulnerable to attacks.

Industry experts have recommended disabling TLS 1.0 for a while now due to various vulnerabilities, but this current initiative is being driven by an improvement we are making to our infrastructure which will stop us supporting TLS 1.0.

You can already use TLS 1.2 (and TLS 1.1), it's just that we're making this mandatory.

** Will it affect me? **

We have sent targeted communications to all affected customers and will continue to capture requests to identify all affected customers.

** What do I need to do? **

If you still use TLS 1.0, identify the system sending data to FLG using TLS 1.0 and then carry out the necessary steps to stop sending data using TLS 1.0 and instead send using TLS 1.2.

There are various places where you might find requests to FLG using TLS 1.0:

- From your website (including Web Form, iFrame and API integration methods) and other systems that post into FLG.
- In requests to the FLG API within code you've written for your plugins or webhooks.

It's important that you audit your systems carefully.
Posted Mar 03, 2020 - 15:27 GMT
This scheduled maintenance affects: Applications & API (Main Platform & API, New Platform Features, Insights Reporting).