Hosted Email: Insecure Connections being phased out 1st June, 2020

We have always tried to make it easy for customers to use our Hosted Email service and this includes supporting a wide array of protocols, encryption methods and ports.

Encrypted connections to mail servers are now commonplace and all modern mail clients support them. Over 75% connections to our Hosted Email service are currently encrypted.

We will be phasing out insecure IMAP, POP3 and SMTP email connections on our Hosted Email platform on the 1st June, 2020. We will be contacting clients directly affected by this change multiple times and will have a number of blackout hours as outlined in the timetable below.

  • 23rd – 27th March 2020: We will look at incoming insecure connections and email clients directly affected letting them know they have until the 1st June 2020 to sort this and offer assistance if necessary.
  • 20th – 24th April 2020: We will generate a new list of remaining insecure connections and email clients with a reminder.
  • 18th – 22nd May 2020: We will generate a new list of remaining insecure connections and email clients with a final reminder.
  • 25th, 27th and 29th May 2020: At 10am UK time we will disable insecure IMAP, POP3 and SMTP connections for 1 hour.
  • 1st June 2020: We will disable insecure IMAP, POP3 and SMTP connections permanently.

To ensure you are connecting to our Hosted Email service securely and to ensure you’re using our most up to date, recommended mail client settings, please visit this help page: https://blog.anu.net/hosted-email-connection-settings/

If you have any questions, concerns or feedback or if you need any assistance, do not hesitate to contact us by emailing support@anu.net

PHP versions and our 3 anuhosting.net servers

Our original ams1-c5-1.anuhosting.net Direct Admin server runs CentOS 5 which became End of Life at the end of April 2017 and is powered by an older version of PHP (5.5).

In anticipation of this back in 2016 we commissioned two replacement servers. One is powered by CentOS 6 and PHP 5.5 designed to support legacy sites but supports secure protocols such as TLS 1.2 and still receives security updates. The other is a CentOS 7 / PHP 7.0 based server for newer sites who want the best performance and latest security updates. Many of our clients have migrated over and are enjoying the benefits.

We have had enquiries from customers who want to use PHP 5.6 – something that we didn’t support on our Direct Admin servers. PHP 7.2 was also recently released.

We now support a secondary version of PHP on both our ams2-c6-1.anuhosting.net and ams2-c7-2.anuhosting.net Direct Admin servers. By default you will be using PHP 5.5 on ams2-c6-1.anuhosting.net and PHP 7.0 on ams2-c7-2.anuhosting.net. However, if you wish, you can now use 5.6 on ams2-c6-1.anuhosting.net or PHP 7.2 on ams2-7-2.anuhosting.net. In order to change the PHP version per website, there is a setting in the “Domain Setup” section of Direct Admin.

CentOS 5 has been End of Life for almost a year now so we encourage everybody to migrate their website to one of our newer servers. We are always happy to deploy you a second account on our newer servers free of charge for you for a short period of time to allow you to test and migrate your website.

If you have any questions or need help planning a migration to one of our newer Direct Admin servers, do not hesitate to email us on support@anu.net.

Google Chrome soon to mark all HTTP traffic as insecure

Web browsers have been gradually encouraging websites to phase out HTTP traffic in favour of HTTPS traffic (secure encrypted browsing, usually associated with green padlocks / green bars). Some examples of this are displaying warnings if pages contain log in forms / credit card forms and are not served via HTTPS.

Google have announced that version 68 of Google Chrome, due July 2018, will flag up ALL sites served over the http:// protocol as insecure. This is likely to have substancial impact because Google Chrome is now used by over 50% of users and therefore other browsers (Mozilla Firefox, Microsoft Edge etc) will likely follow suit.

It is vital that by then your website is serving all traffic securely over https:// with a valid SSL certificate. We offer a range of SSL certificate options to achieve this and can assist you every step of the way by providing the certificate, installing, renewing and monitoring it for any problems.

If you have any questions or concerns please do not hesitate to reach out to us by emailing support@anu.net.