Bluehost Web Hosting Help
TLS 1.0 PCI Compliance
This article will discuss how you might be affected by the removal of TLS 1.0 in the updated PCI Compliance Standards.
What Is TLS 1.0?
TLS 1.0 is a standard for encrypting data that is communicated between a computer and a server on the internet. Encryption keys provided by your SSL certificate provide the means to encrypt and decrypt the information. It is often used by websites that take Credit Card payments or hand other sensitive information that you wouldn't want plainly available. When information is encrypted, it is far less likely to be stolen. This is because a hacker will have to decrypt the information being communicated.
TLS 1.0 is one method, out of many, used to facilitate encrypted communication. Encrypted communication is required by the Credit Card industry before any business can accept Credit Card transactions.
What Is PCI Compliance?
PCI stands for Payment Card Industry. To be PCI compliant is to conform to the Payment Card Industry Data Security Standard or PCI DSS. You must be PCI compliant before you can accept Credit Card payments. Unfortunately, TLS 1.0 encryption is now considered too weak and will be removed as an acceptable encryption method for PCI Compliance. This means anyone relying on TLS 1.0 may lose PCI Compliance and no longer be able to process Credit Card transactions.
What To Do
To avoid issues with TLS 1.0
- Bluehost will remove TLS 1.0 support from our system before the cutoff date. If your Compliance Scan Vendor indicates you are not compliant you will need to contact them.
- Keep your web browser up to date. Browsers that do not support encryption methods newer than TLS 1.0 may no longer work on encrypted pages.
Recommended Help Content
How To Activate Free SSL Certificate - Free Wordpress SSL Setup
Bluehost now provides free free SSL certificates for all WordPress sites. This article describes how to activate the free SSL for a WordPress site.
How to Upload an SSL Certificate to SiteLock
This article will explain the process for uploading an SSL Certificate to SiteLock's dasboard. The steps for accessing the SSL Manager may vary depending on which user interface your account uses.
Related Help Content
How to Download your SSL Certificate
This article explains how to download a copy of your SSL certificate.
Protect Specific Pages With SSL
This article will show a way to protect specific pages of your website with SSL. This may have benefits for SEO and can be used on pages that contain forms, shopping carts or any other page where users might enter sensitive information.
Manage Service SSL Certificates
How to add a new SSL certificate for your different WM services.
Purchasing or Renewing SSL certificates
How to renew an existing SSL certificate--or purchase a new one, within your cPanel
Comodo Positive SSL Certificate Seal
Where do I get a copy of the site seal for my SSL I purchased through Bluehost?
VPS Dedicated Installing SSL
To help with installing an SSL certificate for an account on a dedicated server through the WHM
SSL Installation of 3rd Party Certificate
I need to have an SSL 3rd Party Certificate installed for my domain.
Installing the WildCard SSL on a Reseller account
How to install the provided WildCard SSL on a reseller account