TLS/SSL Security

Your Files.com site is automatically secured with Transport Layer Security (TLS), previously named Secure Sockets Layer (SSL), so that all network communication with Files.com is secure. This includes strong protection against "man-in-the-middle" (MITM) attacks, which is how we earn an A+ score on the Qualys SSL Grader tool.

Issues With Content Filtering

On some networks, users receive SSL error messages that include the text "This site can't provide a secure connection" and ERR_SSL_PROTOCOL_ERROR. These errors can also present as CORS errors.

Most of the time, this is caused by a network that is intercepting HTTPS traffic and re-encrypting it using a certificate that does not belong to Files.com. This is frequently performed by corporate or enterprise networks for data loss protection, security, phishing protection, etc.

There is no way for a web browser or application to differentiate between this sort of "approved" interception of the secure HTTPS connection and a MITM attack where an attacker inserts a malicious interception point in your network.

The vendors and product names we typically see associated with this sort of activity include ZScaler, Symantec WSS, Comcast Business, Palo Alto, SecurityEdge, and Akamai, but there are many others.

Solutions

You have a few options to address problems created by SSL/TLS Protocol filtering. It's not possible to disable or alter Files.com's TLS requirements, but you may be able to change your connection.

Update Network/Firewall Configuration

The typical solution to resolving these error messages is for the network/firewall administrator to whitelist traffic on *.files.com or [subdomain].files.com so that they will not try to interfere with our SSL traffic. Files.com continues to serve a secure, encrypted connection even without SSL/TLS protocol filtering.

Configure a Custom Domain

You may be able to avoid firewall situations like this with our Custom Domain feature. With a custom domain, your users would access your Files.com site via your own domain (e.g. files.[YOURDOMAIN].com) instead of a files.com subdomain. We provide a matching SSL certificate and two dedicated IP addresses exclusive to your site as part of this feature.

Use Another Network or VPN

Alternatively, you can connect to Files.com via a VPN or another network that will not interfere with Files.com's SSL traffic.

Get Instant Access to Files.com

The button below will take you to our Free Trial signup page. Click on the white "Start My Free Trial" button, then fill out the short form on the next page. Your account will be activated instantly. You can dive in and start yourself or let us help. The choice is yours.

Start My Free Trial

©2024 Files.com. All right reserved

FILES.COM

  • Start My Free Trial
  • Pricing
  • Docs
  • API and SDKs
  • Contact

LEGAL

COMPANY

CONTACT & SUPPORT

support@files.com

(800) 286-8372

Monday–Friday

9am–8pm Eastern