2014-12-05
POODLE Update for FTP
Recent Posts
- What's New For July 2024
- Automate Management of Files.com with Terraform
- What's New for June 2024
- Still using SFTP with Boomi? There's Something Better!
- What's New for May 2024
- What's New For April 2024
- What's New for Q1 2024
- Automation Configuration Changes may be Required
- A New Look for Files.com
- Permission Fence - A New Way To Manage Permissions
As many of you are aware, Google recently discovered a major security flaw in the older SSLv3 protocols used to secure HTTPS, FTPS, and FTPES communication. This was called the POODLE bug and you can read about it here.
Almost immediately, we disabled SSlv3 for HTTP connections on BrickFTP in the interest of security. We held off on disabling it on FTP connections to allow FTP clients time to update.
The time has come for us to flip the switch and disable SSLv3 on FTP as well.
We decided to let you (the site operator) selectively disable this requirement for FTPS and FTPES connections to maintain compatibility with legacy FTP applications that do not support TLS encryption.
We do not recommend that you disable this requirement, but if you experience problems with FTP because of this change, you can disable the requirement in your account at Configuration > Security. Please note that allowing SSLv3 is tantamount to not using encryption at all (because it is encryption that is known to be broken.)
Questions? Need help?
Please let us know how we can assist you. We’re here and glad to help. Please contact us by email, chat (in your web interface when logged in), or phone (1-800-286-8372 ext. 2).
Get Instant Access to Files.com
The button below will take you to our Free Trial signup page. Click on the white "Start My Free Trial" button, then fill out the short form on the next page. Your account will be activated instantly. You can dive in and start yourself or let us help. The choice is yours.
Start My Free Trial