chrome 63 ftp not secure

FTP sites will be marked Not Secure from Google Chrome 63

FTP sites will be marked as Not Secure with the release of Google Chrome 63 in December 2017

chrome 63 ftp sites not secure

Thats the direction of the discussion at https://groups.google.com/a/chromium.org/forum/#!msg/security-dev/HknIAQwMoWo/xYyezYV5AAAJ

Although there have been plans to remove FTP support altogether, for now FTP sites will only be marked as Not Secure.

About FTP

FTP, or File Transfer Protocol, used with ftp:// requests is a decades-old network protocol that is used to transfer files between clients and servers. FTP does not encrypt traffic by default, making it susceptible to interception and manipulation by eavesdropping third parties.

FTP can be secured using an SSL/TLS, which in turn creates FTPS. Unfortunately, FTPS is not a widely-supported feature on most browsers, including Chrome, due to its low usage rate.

What are FTP sites?

FTP sites are locations from where you can use your browser to download large files such as the latest Linux OS distribution, or third-party softwares for your operating system.

However, since in time most software distribution services have moved to HTTPS download, and it is suggested the rest do the same.

 

symantec trust issue

Chrome and Symantec – the Final “Trust” Solution

chrome symantec trust issue

The Google Chrome team announced in March 2017 that it had a problem with Symantec for violating industry standards related to SSL certificate issuance. This has been discussed cooperatively over the last 4 months by Google, Symantec, and other members of the internet community. On 27th July 2017, Chrome and Symantec announced their final plan to move forward.

If you operate a website that uses a Symantec SSL certificate, please read this post to see if future versions of Chrome will affect your specific certificate and how you can replace that certificate (for free) before anything goes into effect.

Are you affected?

If you are a current user of Symantec certificates or plan to purchase one in 2017, this could affect you.

As a leading Certificate Authority, there are more than an ideal amount of Symantec SSL certificates will be affected.  Note that Symantec operates multiple brands, all of which are affected:

  • Symantec
  • GeoTrust
  • Thawte
  • RapidSSL

Also, note that Mozilla Firefox will be taking a similar course of action, but at this time they have not committed to a final plan.

What changes are expected in Google Chrome

The two stages of Chrome’s distrust, which serve as deadlines, are marked in RED to clearly show the difference between general information and actionable items.

October 24th, 2017
Chrome 62 will display a message in Developer Tools to help identify certificates which will be affected by distrust in Chrome 66. Visit your websites with the Developer Tools panel open – this will allow you to identify which websites will be affected by distrust in Chrome 66.

December 1st, 2017
A partnered Certificate Authority (CA) will begin issuing certificates for Symantec. As an end user, you may notice some small changes in the issuance process. From a technical standpoint, this date is significant because it marks beginning of the “new” Symantec certificates. Certificates issued after this date will be issued from different roots and will not be affected by Chrome’s dis-trust.

April 17, 2018
All Symantec certificates issued before June 1st, 2016, will no longer be trusted by Chrome.
Certificates issued after June 1st, 2016 are not affected at all in this release. Replace any Symantec certificates issued before June 1st 2016 by this date. This can be done by reissuing your certificate for free from your provider and installing the new certificate in place of the old one. If your certificate expires around this time (April-June) you may want to consider renewing it, instead of reissuing, to avoid two replacements within a short time frame.

Oct 28th, 2018
All certificates issued by Symantec with their existing infrastructure will no longer be trusted by Chrome.
Starting in the stable version of Chrome 62, a message will be added to the Developer Tools panel when a certificate that will be distrusted in Chrome 66 is encountered. Developers can use this functionality to ensure they identify certificates on their websites that will be affected.

Our Recommended Plan of Action

To reduce the amount of disruption and effort required, we recommend the following action:

If your certificate expires BEFORE December 2017

We recommend you renew (instead of reissue) your certificates prior to December. This will allow you to have a trusted certificate in place through the holiday season up until Oct 2018 when all certificate files from Symantec’s existing roots will have an issue and need to be replaced on your website. Alternately, switch over to certificates from a different Certifying Authority (CA) such as Comodo to avoid any issues.

If your certificate expires DURING December

Symantec hopes to have their partner CA issuing certificates on December 1st (a Friday). If you can wait to reissue and replace your certificates until after this occurs, you will most-likely never need to replace your certificate files on your website until their natural expiration date.

However, note that delays may occur which require Symantec to miss the December 1st estimate, and there may be an unusually high volume of issuance at that time which could cause technical issues.

If that is the case, if you are close to the expiration of your current certificate you may risk outages. ‘Holiday freezes’ may also prevent you from replacing certificates during this month.

If you do need to replace your certificate before Symantec’s partner CA is ready to issue certificates, you will need to replace the certificate files again before Chrome 70’s release (expected late Oct 2018).

Alternately, you can switch over to certificates from a different CA such as Comodo to avoid any issues.

If your certificate expires AFTER December 31st, 2017

We recommend you wait to replace any of your certificates until Symantec’s partner CA begins issuing certificates (expected December 1st, 2017). After this date you can begin reissuing and replacing certificates as needed. This way you need to replace your certificate files only one time.

Certificates issued by Symantec’s partner CA will not be affected by Chrome’s changes and will not need to be replaced until their natural expiration.

Special Case: If your certificate was issued BEFORE June 1st, 2016 and expires AFTER April 17th, 2018

You fall into a special case. Your certificate must be reissued and files replaced BEFORE the release of Chrome 66, which is expected April 17th, 2018 in order to remain trusted in Chrome.

However, you should wait until after December 1st 2017 to reissue your certificates. On this date, Symantec’s partner CA will begin issuing certificates. By waiting until this date you will only need to replace your certificate one time.

If you reissue before Symantec’s partner CA is available, your certificate will come from one of Symantec’s current root certificates and will need to be replaced against before October 2018.

UPDATE: Mozilla Firefox will follow more or less the same timelines as Google Chrome.

 

let's encrypt logo

Let’s Encrypt certificate or a commercial SSL – the final verdict

let's encrypt logo

Let's Encrypt background info

Introduced in 2016, Let's Encrypt represents a free open certificate authority (CA), which provides website owners with digital certificates for enabling HTTPS (SSL/TLS).

It was launched by the Internet Security Research Group (ISRG), a public-benefit organization sponsored by the Mozilla Foundation, the Electronic Frontier Foundation (EFF) and Cisco Systems, with the aim of making HTTPS encryption both affordable and user-friendly.

Their main goal is to create a more secure, privacy-driven web.

Continue reading

free ssl post install server assessment

Free SSL Post-Install Server Assessment

getssl.in ssllabs grade

Customers of getSSL by iWebz using the automated SSL certificate buying system now have a way of assessing how well they have setup their TLS/SSL certificate on their web server. We now provide the ability to use the Qualys SSL Labs server test from your getSSL Order Details page.

What is a server SSL test?

The server SSL test looks for incorrect SSL setup or weak encryption (ciphers) enabled on your web server. At the end of the test you will be presented with detailed results (see server SSL test results for getssl.in) with recommendations on how to rectify the identified issues, if any. Always target getting a grade of A+ or A. Anything lower means a risky web server SSL configuration.

Implment the recommendation and ensure your web server has the most secure setup with the TLS/SSL certificate you have purchased.

How can I use the server SSL test?

iWebz has provided a one-click server SSL test launcher link, on the Order Details page. Click the link to launch the SSL installation assessment for your SSL-secured hostname (web server). This server SSL check is absolutely free of cost to you as a customer. Run this test on-demand, unlimited number of times!

free ssl post install server assessment

Order Details page for an Active order with the server SSL test link enabled

In order to use this feature you need to complete the Domain Control Validation (DCV) check. Once you complete the validation, the order is marked Active, and the link will automatically be available as shown in the screenshot.

Updated April 18th, 2017: This link is now upgraded to run a multi-service full website security scan powered by Observatory by Mozilla. This also includes the previous server SSL test powered by Qualys SSL Labs. Now you can choose to consider only the SSL setup results or look at the complete security analysis of your website.

 

sms

getSSL launches SSL Certificate Order Status via SMS for customers from India

Send SMS message to know your getSSL order status

Send a SMS with IWEBZ SSLORDER Order_Number to the mobile number 92205 92205 to know current order status for your SSL certificate order anytime* after Step 1 of the getSSL certificate order process. Standard SMS rates apply for India. This facility is only available for fresh certificate orders placed by Customers from India after January 22nd, 2017.

For example, if you have paid for your order, and your order/invoice number is 14021717174045, then send IWEBZ SSLORDER 14021717174045 to 92205 92205 to know order status.

If your number is on the DND list then you will not receive a response. You will need to first send the keywords IWEBZ START to the mobile number 92932 92932 to subscribe to this service before sending the order status request via SMS.

*This SMS service will only respond between 9am to 9pm.

iWebz℠ Can Help You Get SSL Certificates Fast & Cheap!

Our SSL certificate deals start as low as $6.75 per year!!

Due to our large-scale sourcing relationship from top global SSL brands such as COMODO, RapidSSL, GeoTrust and Thawte, you get the best SSL certificates at the best prices!

All certificates purchased via iWebz will have the best SHA2 256-bit security encryption with 2048-bit key length, and also improve your website's Google search result ranking.

getstarted_b

Visit our SSL Certificate store

SSL Certificate Product Recommendations

SSL Certificate HTTPS browser display

HTTP To HTTPS In 15 Minutes For getSSL.in Customers

SSL Certificate HTTPS browser display

Now you can enable HTTPS access for your website in 15 minutes flat!

The team at getSSL by iWebz℠ (www.getssl.in) has just introduced a completely automated order process for new SSL/TLS certificate orders.

The File-based and CNAME-based domain validations are also now available in addition to the Email-based method.

Certificate files can be downloaded in ZIP format immediately after the Domain Validation step is completed.

As a result of this development the following steps can now be completed in just a few minutes:

  • Online Order Payment - typically 2-3 minutes
  • Certificate Enrollment with CSR - typically 4-5 minutes
  • Domain Validation (DV) check - typically within 4-5 minutes of Email validation (recommended)/1 hour of File validation/4 hours of CNAME validation
  • Certificate Files Download - immediately available after DV check is successful

Thats not all... Certificates can now be re-issued within minutes as well!

The certificate re-issue process will include a DV check if a new CSR is submitted, otherwise certificates will be re-issued and available for download within 5 minutes.

You can also request for certificates to be re-issued unlimited number of times before expiry of the certificate.

With the new order process we will provide the following benefits:

  • Fully online order process lets you control the speed of certificate generation.
  • Certificates can be downloaded within minutes of placing the order.
  • Certificate order status can now be tracked in real-time.
  • Certificate files can be downloaded on-demand any number of times.
  • Unlimited certificate re-issues on-demand within validity.
  • Lowest prices in India for Comodo, RapidSSL, Thawte, and GeoTrust certificates.
  • Payment accepted via Cards, Net Banking, UPI, and Digital Wallets.

Place an order for a Free SSL certificate* to practise certificate generation & installation, and try out the experience of ordering via getSSL.

Order Free SSL Certificate

*The Free SSL certificate is issued by RapidSSL and is issued only once per domain name.

 

iwebz wallet payments india

Digital Wallet Payments Now Accepted – India Only

Wallet Payments For Indian Small Businessmen and Individuals

iWebz aims to enable small businesses and individuals with affordable web-based technologies. Payments via Cards & NetBanking were a pain point for several small businessmen & individuals as they needed details on-hand to make payments. We are glad to report that we now accept digital wallet payments from a variety of Indian service providers as listed below.

freecharge logo
mobikwik logo
jio money logo
ola money logo

UPDATE 16th Nov 2016: We have just been informed by our payment gateway vendor that PayTM wallet will no longer be supported.

Wallet Payments Made Easy

Making wallet payments in India is easy! Simpy select Wallets as your payment source followed by selecting the specific digital wallet to charge to make your payment. Thereafter your payment will be processed via your selected option. All you need to do is login to authorise fund transfer. Currently there is a limit of ₹10,000 per month per digital wallet.

wallet payments selection
wallet payments wallet selection

Wallet Payments Accepted Here

iWebz℠ now accepts wallet payments for India (only) for various product & services on the following websites: