Update: The deprecation of TLS 1.0 and 1.1 may have been happening the past few days as sparse and unconfirmed reports in various comment threads are pointing out. If your site went down for an error between July 26th and July 30th, 2020 this could be the reason.
Your small business website may stop loading today or in the next few weeks due to something announced by major browser developers last year, the deprecation of TLS 1.0 and TLS 1.1. To keep it simple these are protocols for SSL enabled websites that help keep them secured and both protocols are no longer supported which means they could be insecure.
Back in September of last year FireFox first announced they would deprecate these protocols in March of this year to help protect internet users from unsavory hackers exploiting the nolonger secured protocols. Google’s Chrome, Apple’s Safari, and Microsoft’s Edge quickly followed suit. However, March came and went and there were no signs of the deprecation anywhere as the tech giants grappled with the COVID-19 Pandemic instead.
Today that all appears to have changed as reports emerged from SEO Christopher Shin of Dweitzer who is working with a small business in Korea that their website suddenly stopped working. A quick SSL check showed they were using TLS 1.0 and the website was unable to load in the three main browsers tested by SEO Joe Youngblood.
It appears the browser deprecation of TLS 1.1 just hit in mass according to @seokoreanguy
This has been coming since late last year and was set for March but was delayed due to the pandemic and other issues. https://t.co/wJOzXr6K1C
— Joe Youngblood (@YoungbloodJoe) July 30, 2020
This is a MAJOR issue that all business owners should be concerned about, because a website running on TLS 1.0 or TLS 1.1 protocols will not show any content to website visitors and instead will warn them of the error (on FireFox the user can override this with a button click).
That means a sudden loss of 100% of website traffic from every source resulting in a 100% loss of business generated by the website (i.e. sales, leads, pre-sales inquiries, etc…).
If you’re running any paid search ads, paid social ads, or other paid campaigns this means you’ll be paying for traffic to a website that users can’t see.
This issue won’t immediately impact things like your Google Maps or Yelp listing and it won’t impact your Instagram, Facebook, Twitter or other social media profiles. However, we’re certain a 100% loss of all website traffic is a scary proposition for most.
Here’s how to know if this is a problem with your website.
Chrome Error Message:
"Your connection is not fully secure
This site uses an outdated security configuration, which may expose your information (for example, passwords, messages, or credit cards) when it is sent to this site.
FireFox Error Message:
"Secure Connection Failed
An error occurred during a connection to www.DOMAINNAME.kr. Peer using unsupported version of security protocol.
Error code: SSL_ERROR_UNSUPPORTED_VERSION
The page you are trying to view cannot be shown because the authenticity of the received data could not be verified.
Please contact the website owners to inform them of this problem.
This website might not support the TLS 1.2 protocol, which is the minimum version supported by Firefox. Enabling TLS 1.0 and TLS 1.1 might allow this connection to succeed.
TLS 1.0 and TLS 1.1 will be permanently disabled in a future release."
Microsoft Edge Error Message:
"Your connection isn't secure
This site uses an outdated security configuration that might expose your personal information when it's sent to this site (for example, passwords, messages, or credit cards).
To fix this issue you’ll need to contact your SEO, your Website Manager, your Hosting Provider, or your SSL / TLS certificate provider to have them figure out what the problem is. Though, in most cases the SSL certificate is set via the web hosting provider and the TLS version can be updated or managed in a dashboard or panel there. It could take as long as 24 to 48 hours to be resolved, that means the you need to act as quickly as possible to get the new SSL certificate installed and get that propagated throughout the internet.
Gain Local customers using our private, ultra-fast, hosting services do not have this issue as our SSL certificates were upgraded to TLS 1.2 and TLS 1.3 last year and stay continually updated.