TLS refers to Transport Layer Security, and it is a cryptographic protocol that provides authentication, data integrity, privacy as well as end-to-end communications between two devices connected over a network. It is one of the security protocols which is used on an immense scale on browsers and other applications.

Why Do I Need TLS?

Without proper security measures, your website is very likely to get compromised, which can be very harmful to your site audience as well. If you run an online business or your site processes sensitive information such as financial and banking information; then, there should be no flaws in your site security; therefore, Payment Card Industry (PCI) standards also recommend setting minimum TLS versions to v1.2 or newer to safeguard payment data. Nowadays, many services such as PayPal, Stripe, Authorize.net, FedEx, UPS, and many other services refuse TLS v1.0 connections. This means it is better to use newer TLS versions as well to avoid any future issues with 3rd party providers.

In May 2020, Google has also announced that they will be updating their page ranking criteria to look at page experience metrics, one such important factor will be security, thus making it vital that your page is running the latest in security trends.

Tip

Learn more about how does the TLS work, its impact on SEO, and why do you need SSL/TLS in this article.

Does Cloudways Support TLS 1.3?

Definitely yes, we currently support all the TLS versions, including the latest TLS 1.3 on all the servers across our server farm and Cloudways CDN. Previous TLS versions had security flaws, which may lead you to fail in providing a trusted and secure environment to your potential visitors where they feel confident in doing business with you. You have nothing to worry about if you are a Cloudways client because you can effortlessly update the TLS version using the Cloudways Platform in just a few clicks instead of editing the server configuration files.

How to Update the TLS Version

The following steps will demonstrate how you can change your TLS version in just a few clicks. This feature of updating TLS versions is currently unavailable for Debian 7 servers; however, it is available on all the servers with the Debian 8 and Debian 9 distributions.

Important

Disabling older TLS versions such as TLS v1.0 and v1.1 on your server will protect your server and your clients from vulnerabilities. But, be cautious when disabling the older TLS versions as that can make your website inaccessible to those users who are still using outdated software such as Android v4.4 or older versions, Internet Explorer v10 or older versions, Windows 7, or similar outdated programs which support TLS v1.0 and v1.1 but not the newer versions.

Step #1 — Navigate to Server Settings and Packages

Log in to your Cloudways Platform using your email address and password.

  1. From the top menu bar, open Servers.

  2. Then, select the desired server.

3. Under Server Management, select Settings and Packages.

4. Navigate to the Advanced tab.

Step #2 — Updating TLS Version

Scroll down to the Nginx block. Under TLS Versions, you will see the TLS protocol version(s) currently selected. To update the protocol, simply click edit.

Next, choose your desired protocol based on your requirements and hit Save Changes. Please note that you can not disable TLS v1.3.

Important

It is a server-level configuration; thus, your selected TLS protocols will apply to all the applications deployed on the same server.

Verifying the TLS Version

You can use any third-party tool or service to verify the TLS version. You can use CDN77.

You have learned how to update the TLS version. Please note that if you clone your server, then you need to select the TLS version for the new cloned server as these configurations are not replicated.

That’s it! We hope this article was helpful. If you need any help, then feel free to search your query on Cloudways Support Center or contact us via chat (Need a Hand > Send us a Message). Alternatively, you can also create a support ticket.

Did this answer your question?