Customer Self-Service Portal

Deprecation of weak ciphers: Server monitoring



On June 30, 2026, Site24x7 datacenter servers will restrict incoming connections to strong TLS cipher suites only. Most servers will continue to connect without interruption, as modern TLS stacks automatically negotiate the strongest mutual cipher. 

Why we are doing this

Weak ciphers are vulnerable to known exploits such as Sweet32 and padding oracle attacks. This change strengthens our security posture and helps meet PCI-DSS and SOC 2 audit requirements.

Supported cipher suites from June 30, 2026

Connections must negotiate one of the following cipher suites:

TLS 1.2

  1. TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
  2. TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
  3. TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256
  4. TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
  5. TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
  6. TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256

TLS 1.3

  1. TLS_AES_256_GCM_SHA384
  2. TLS_CHACHA20_POLY1305_SHA256
  3. TLS_AES_128_GCM_SHA256

What you should do now

If action is required, upgrade to a supported OS release and install the latest Site24x7 agent—this resolves the issue in most cases. Where an OS upgrade is not possible, enable TLS 1.2 or later and ensure only the cipher suites listed above are permitted. After making changes, confirm if your agent is reporting normally.

Need help?

Contact our support team and we'll be glad to assist.
Thank you for helping Site24x7 keep your infrastructure secure.