Skip to main content
All CollectionsAdministrationAccess & Security
Workspace 365 hosted cipher suite support
Workspace 365 hosted cipher suite support
Updated this week

Cloudflare

Workspace 365 leverages Cloudflare's Content Delivery Network (CDN) to provide a secure and scalable hosted platform. To ensure secure SSL/TLS connections, we strive to use the highest security standards available.

Cloudflare allows us to customize the cipher suites used for SSL/TLS connections. This article outlines the available cipher suite configurations and their implications for security and compatibility.
โ€‹

Cipher Suite Standards Offered by Cloudflare

Cloudflare provides three levels of cipher suite configurations: Legacy, Compatible, and Modern. Each is designed to cater to different security and compatibility needs:

1. Legacy

Listed for completeness of information, but we do not allow this suite to be used.

  • Purpose: Designed for maximum backward compatibility with very old systems.

  • Usage: Rarely used due to weak security by modern standards.

  • Recommendation: Avoid unless absolutely necessary to support outdated client systems.

2. Compatible (Default)

  • Purpose: Balances compatibility and security.

  • Details:

    • Includes some CBC (Cipher Block Chaining) ciphers for broader client support.

    • CBC ciphers may be flagged as weak by SSL testing tools like SSL Labs.

  • Current Setup: All existing hostnames on Workspace 365 are configured to use this suite by default.

  • Recommendation: Suitable for environments requiring broad client compatibility but may not pass stringent security audits.

3. Modern

  • Purpose: Provides the highest level of security.

  • Details:

    • Excludes CBC ciphers and focuses on stronger encryption methods.

    • Compatible with modern browsers and systems while maximizing security.

  • New Hostnames: All newly requested hostnames will use the Modern cipher suite by default.

  • Recommendation: Ideal for users prioritizing strict security compliance and compatibility with up-to-date systems.

Configuring Cipher Suites

  • Existing Hostnames: These will continue to use the Compatible cipher suite unless a request is made to switch to a different configuration.

  • New Hostnames: Starting from the 25th of November 2024, all newly requested hostnames will be configured to use the Modern cipher suite by default. You can always request to change it to Compatible if you are experiencing compatibility issues.

Why Choose the Modern Suite?

  • Avoids weak ciphers flagged by SSL testing tools.

  • Aligns with best practices for secure web traffic.

  • Ensures compatibility with modern web browsers and systems.

Additional Resources

For a detailed breakdown of the cipher suites included in each configuration, visit Cloudflare's official documentation:
โ€‹Cloudflare Supported Cipher Suites

For further assistance or to request a change in cipher suite configuration, please contact our support team.

Related Articles
How do I create a Workspace environment?
Release notes Workspace 365 v4.00.0
Workspace 365 hosting migration
Request custom URL (CR-03)
Configuring the WebDAV file server in Workspace 365
Did this answer your question?