Skip to main content
December 5, 2014

Poodle Update for FTP

As many of you are aware, Google recently discovered a major security flaw in the older SSLv3 protocols used to secure HTTPS, FTPS, and FTPES communication. This was called the POODLE bug and you can read about it hereExternal LinkThis link leads to an external website and will open in a new tab.

Almost immediately, we disabled SSlv3 for HTTP connections on BrickFTP in the interest of security.  We held off on disabling it on FTP connections to allow FTP clients time to update.

The time has come for us to flip the switch and disable SSLv3 on FTP as well.

We decided to let you (the site operator) selectively disable this requirement for FTPS and FTPES connections to maintain compatibility with legacy FTP applications that do not support TLS encryption.

We do not recommend that you disable this requirement, but if you experience problems with FTP because of this change, you can disable the requirement in your account at Configuration > Security. Please note that allowing SSLv3 is tantamount to not using encryption at all (because it is encryption that is known to be broken.)

Questions? Need help?

Please let us know how we can assist you. We’re here and glad to help. Please contact us by email, chat (in your web interface when logged in), or phone (1-800-286-8372 ext. 2).

Get Instant Access to Files.com

The button below will take you to our Free Trial signup page. Click on the white "Start My Free Trial" button, then fill out the short form on the next page. Your account will be activated instantly. You can dive in and start yourself or let us help. The choice is yours.