In order to keep up-to-date with today’s security standards, EPhost will be implementing some changes to ensure the shared hosting and managed dedicated servers are secure. These changes were required by PayPal, and Authorize.Net, as well as industry best-practices. All customers making outbound calls to secure APIs, for payment transactions or other uses, could be affected.
All EPhost shared hosting and managed dedicated servers will have SSL 2.0, SSL 3.0, & TLS 1.0 disabled and TLS1.1 & TLS 1.2 enabled as of June 30th 2016. This affects both inbound and outbound SSL connections. Please ensure your application is compatible with these server changes for TLS 1.1 or TLS 1.2 to connect to your API or payment gateway.
Please Note: In order to ensure secure transactions in the future, all API and payment processors will require TLS 1.2 as of June 2017.
Effective June 17th 2016 SSL Certificates will be required to have SHA-256 in order to connect to any API or payment processor. If you ordered an SSL certificate through EPhost, you will not need to update as these are all the latest cryptography. You can test your SSL certificate at https://www.ssllabs.com/ssltest/
If you're using Paypal Standard (IPN Verification), login to your Paypal account, go to your Profile - Profile and Settings - My Selling Tools - Website Preferences, and make sure your Return URL begins with HTTPS. You will need to do this if you have a PayPal account and have not already done so.
Authorize.Net will require all websites to use AKAMAI CDN in order to process payments. You can update your Authorize.Net URL at any time to use AKAMAI, or if you do not update, the old URLs will automatically update after June 30th 2016.
The new Akamai SureRoute transaction URLs that are available now are:
Please refer to the following links for more detailed information on these changes:
Important Authorize.Net Networking Change
PayPal Required Security Related Changes