CrispinP
Well-known member
Folks,
So in setting up my new forum using XF I noticed the your-server's-not-worthy banner in User Upgrades page.
After reading Mike's two threads and some others around I decided I might as well tick it off now and be done with it.
I've disabled TLS1.0, 1.1 on my server.
However, it seems that me using CloudFlare in the mix is a show-stopper (for their continued use)
My domain, https://www.landcruiserclub.net/community points to CF who then point on to me. Everything is encrypted from me to them (waste of money - I could have used an unsigned cert
) and from CF on to me is encrypted with their cert.
The problem is that CF is still allowing 1.0+ as confirmed by online ssl tester. If you want to use TLS1.2 only then you need to be on their business plan which is USD200 a month. Gulp.
I still see the banner in User Upgrades - I assume this is because it's querying the FQDN which is then going via CF.
Is my understanding of all this correct?
Thanks
Crispin
So in setting up my new forum using XF I noticed the your-server's-not-worthy banner in User Upgrades page.
After reading Mike's two threads and some others around I decided I might as well tick it off now and be done with it.
I've disabled TLS1.0, 1.1 on my server.
However, it seems that me using CloudFlare in the mix is a show-stopper (for their continued use)
My domain, https://www.landcruiserclub.net/community points to CF who then point on to me. Everything is encrypted from me to them (waste of money - I could have used an unsigned cert
) and from CF on to me is encrypted with their cert. The problem is that CF is still allowing 1.0+ as confirmed by online ssl tester. If you want to use TLS1.2 only then you need to be on their business plan which is USD200 a month. Gulp.
I still see the banner in User Upgrades - I assume this is because it's querying the FQDN which is then going via CF.
Is my understanding of all this correct?
Thanks
Crispin
