RC4 is an encryption cipher used in protocols such as SSL / TLS . RC4 ciphers have long been considered problematic because of their vulnerability to a number of cryptographic weaknesses that can be exploited. To know more about RC4 vulnerabilities, have a look at the current IETF draft .
We wish to bring to your attention that due to these security vulnerabilities, we will be phasing out support for the RC4 encryption algorithm from 28th Oct 2015 .
We will stop extending support to the following RC4 ciphers for our SSL / TLS protocols.
TLS _ RSA _ WITH_RC4_128_ SHA
TLS _ ECDHE _ RSA _ WITH_RC4_128_ SHA
Analysis of connections to Site24x7 services show that only 0.1% of users utilize RC4 in their protocols. As a Site24x7 user, depending on how you access Site24x7 service, there are two cases in which this can affect you -
- Accessing
Site24x7 services through API calls:
If you have configured your integration to access Site24x7 services through API calls, you may need to reconfigure your current integration so that it uses a more secure alternative such as AES. If your integration was provided by a third-party vendor please do get in touch with them and re-configure your integration. If you are uncertain of your current integration, please provide us the name of your third-party vendor or a copy of your code snippet so that we can assist you. - Accessing Site24x7 services through
browser:
If you are accessing Site24x7 services using Internet Explorer(IE6 or less) on Windows XP(or lower) you will not be able to access site24x7.com. Similarly, people who access Site24x7 services through outdated browsers on devices such as old mobile phones will not be able to access site24x7.com.
As a workaround, we strongly recommend Windows XP users to switch to a newer version of Windows. If this is not possible, you will need to use updated versions of browsers such as Firefox/ Chrome to access site24x7.com.
Please keep in mind that failure to make these changes before 28th Oct 2015 will render you unable to access Site24x7 services.
Please write back to us at [email protected] if you need any clarification.