I have a site under development that is set to go live at the end of the month. I sent the URL to a handful of people today for review, and one person replied that she could not access the site due to “outdated or unsafe TLS security settings.” The site is on DreamHost, uses a Let’s Encrypt Certificate and is run through Cloudflare (where Full/Strict is selected). This is the same set-up that dozens of my sites use, and none ever have issues. The address is above- if you’d like to try and let me know if you can or cannot connect, I’d appreciate it. The site is password protected (1003) to keep Google at bay until I’m ready for it to go live (it’s not quite ready - some buttons aren’t functioning yet, etc.). Thanks.
Thanks, David! I’m using Joe’s PageSafe stack. It’s pretty cool in that it can not only block pages, but can also block parts of pages, if that’s important.
It could be that this person is running a very old OS and/or browser. There are some TLS settings in Cloudflare. You could lower the version of TLS. That has some downsides as well though.
This person may need to update or move to a browser that is not tied to the OS like Chrome or Firefox.
Actually looking at the message, they may have some security setting set that requires that you have a higher version of TLS set. I would recommend TLS 1.2. Or 1.3 if you don’t care about IE.
Thank you for the suggestions, Joe. I will let you know what our networking guru comes up with. So far, it’s just the one person who is having an issue (and all laptops are supposed to be configured the exact same).
Thanks everyone! It turns out that our networking department had blocked the site and forgot to flip a switch allowing full access. They block all “parked” sites (which this one was for a while).
Tagging @willwood so he can read the nice comments about the site and Gator. I appreciate the kind words - kindness goes a long way.
