How To Disable TLS 1.0 & TLS 1.1 on a Windows Server, VPS or Cloud VM

We talked extensively about Google, Microsoft and PCIs push to create a more secure internet. From supporting an open-source SSL certificate initiative like Let’s Encrypt to prompting “Not Secure” warning when visiting all HTTP sites through chrome, IE, and Mozilla. Those of you who are running an e-commerce site are familiar with PCI and already know that PCI has deprecated TLS1.0 & TLS 1.1 so the minimum requirements are TLS 1.2 and the gold standard is TLS 1.3. For those of you how are not familiar with PCI you can find out more here.

Transport Layer Security (TLS) is a critical part of a secure online transaction between two systems as it secures communications by authenticating one or both systems. Serious vulnerabilities prompted PCI to deprecate SSL/early TLS on 30 June 2018. So if you are using a Windows server or Windows VPS or Windows cloud VM you can do your part and be an agent of change by disabling TLS 1.0 and TLS 1.1 on your server. Doing so not only secures your server but also forces others who are still using SSL/early TLS to make the switch to more secure encryption technology.

Here is the step by step instruction on how to disable TLS 1.0 and TLS 1.1 on a Windows server:

  1. Open up Registry Editor by clicking on the Start Button, type in Regedit, and then hit Enter. Since we are dealing with registry, we strongly suggest backing up the current Registry state. Misuse of the Registry might have detrimental effects on your system. (In the Regedit screen highlight computer >>File >>Export >> Save file to a location you want)
  2. In Registry Editor, locate the following registry key:

HKey_Local_Machine\System\CurrentControlSet\Control\SecurityProviders \SCHANNEL\Protocols\TLS 1.0\Server ( or TLS 1.1)                

  1. On the Edit menu, click Add Value.
  2. In the Data Type list, click DWORD.
  3. In the Value Name box, type Enabled, and then click OK.

Note if this value is present; double-click the value to edit its current value.

  1. Type 00000000 in Binary Editor to set the value of the new key equal to “0”.
  2. Click OK. Restart the Server.

How To Configure Remote Desktop On Linux VPS / VM

Desktop environment is a bundle of programs that provides a graphical user interface (GUI). It provides end-users with a user-friendly and intuitive way to interact with computers. When it comes to virtual private servers (VPS) or Cloud Servers if you need a remote desktop environment you typically go with a windows VPS, you can simply use predefined applications and services to RDP to the windows server. When it comes to Linux VPSs you typically will be given a SSH access to manage and configure your server, although most Linux system administrators are comfortable managing their VPS through SSH access but sometimes the desktop environment is required during the application installation.

Unlike Windows and Mac, for Linux environment, you have many different desktop environments to choose from such as GNOM, Cinnamon, KDE, MATE, XFCE and etc… Most often than not (depending on the desktop environment) you need to have console access to complete the desktop environment installation and setup on your VPS or hosted server. Here at Cirrus Hosting every Cloud VPS/VM comes with console access free of charge.

XFCE is a light, fast and stable desktop environment and in this blog, we will cover how to setup XFCE on Debian 10.3 and remote desktop to your Linux VPS.

It’s a fairly simple and straight forward process, first you need to SSH to your server and type:

# apt install xfce4

Apt package manager will download and install all the required packages. Once the installation is completed we need to set up a remote server software. In this example, we are going to use tightvncserver:

# apt-get install tightvncserver

After installation is completed we need to run and you will be required to create a password to access your desktop.

# vncserver

To connect remotely to your desktop environment you can use VNC viewer. Type your server IP address xxx.xxx.xxx.xxx:1 and the password you created earlier to access your desktop.

Colocation Data Center with Cirrus Hosting – In the Age of COVID-19 Pandemic

IT professionals are constantly performing risk assessments to identify and modify their security and operational strategy. However, pandemics like COVID-19 presents different sets of challenges as non-essential businesses urged to close and employees are directed to work from home. This pandemic possesses a range of serious challenges in terms of managing, monitoring, security and business continuity specifically to on-premise server setups. As your IT team might not be able to go to the site to physically access the servers, you might not have enough bandwidth to support remote access as more people are instructed to stay home and work remotely or you might not be able to upgrade your gears and increase your pipeline.

In this post, I would like to highlight some of the features of colocation with Cirrus Hosting, at our prime downtown location.

  • Reduced downtime: Here at Cirrus Hosting we have significantly improved our capacity and peak throughput by upgrading our core routes and networking gears. We also increased our pipeline by almost tenfold. We utilize multiple major upstream providers to ensure continuous Internet connectivity, greater route diversity and ultimately enhanced internet performance. In terms of electricity, our data center has 2 feeders from a substation, multiple backup generators with separate generators supporting the cooling infrastructure, automatic transfer switches.
  • Security: The downtown facility is SSAE 16 SOC 1 Type 2 audited. There are multiple layers of security in place to protect your assets like 24/7 On-Site Security guard, tailgate proof mantrap, key card and biometric access, CCTV. You also have the option to work with our network security team to implement firewalls, intrusion dedication and prevention solutions.
  • Flexibility: You do not need to worry about lack of expansion capacity, we have ample space for your future needs with 20k SQF of space. You can add cabinet, power circuits and bandwidth as your business needs grow. This flexibility enables you to make long term plans without requiring a substantial upfront cost.

As you know in many regions co-location facilities are deemed essential services and staff are getting an exemption. You can take advantage of our remote hand services, extend your team by adding on-site expert technicians who are ready to provide you with assistance at the datacenter. Services like swapping removable media, racking and staking equipment and visual verification for remote troubleshooting.

To find out more about our colocation plans please visit here or call 1.877.624.7787

About Cirrus Hosting

Cirrus Tech Ltd. has been a leader in providing affordable, dependable cloud hosting as well as website hosting services in Canada since 1999. They have hosted and supported hundreds of thousands of websites and applications for Canadian businesses and clients around the world. As a BBB member with an A+ rating, Cirrus Hosting is a top-notch Canadian web hosting company with professional support, rigorous reliability and easily upgradable VPS solutions that grow right alongside your business.