|
|
Transport Layer Security (TLS) is a common and useful encryption for data in transit. It helps ensure the integrity and confidentiality of data being transmitted across the Internet. However, there are increasing attacks (such as Heartbleed) against the older version of TLS, including in particular TLS 1.0.
Scalyr recognizes that data security is important to our customers and honestly, to everyone. That is why, on October 21st, 2019, Scalyr will no longer accept connections using TLS 1.0. While we know that the majority of our customers have already upgraded to newer versions of TLS, our monitoring of connections did reveal a few connections utilizing TLS 1.0, and we have reached out directly to the customers we identified.
During the period before October 21st, 2019, if you are still using TLS 1.0 to connect to Scalyr, we request that you update to at least TLS 1.1.
Transitioning to TLS 1.1 or later should not be difficult. As a starting point, you can consider these approaches.
1. Update the OS and libraries on the machines sending traffic to Scalyr, so that they are capable of communicating via TLS 1.1+, or
2. Implement a reverse proxy in your infrastructure, which will receive traffic from those machines, and then communicate with the Scalyr API over TLS 1.1+. We can provide some detailed suggestions on setting this up, and you would be responsible for hosting and maintaining this proxy. Please contact [email protected] for more information.
If you have questions about this action, please reach out to us for clarification and information.
