Security Update Required for Billing

Our billing partner Freshbooks has recently completed a process to fully comply with Payment Card Industry (PCI) standards.

Due to this upgrade in security, it is necessary for you to login to your Freshbooks billing account and make a one-time update to your credit billing information and save it. After doing this, your normal monthly recurring billing will continue without interruption.

Here is information on how to update your recurring billing information:
https://www.freshbooks.com/support/i-m-a-client-how-do-i-pay-my-invoices-automatically#updating

If you need a billing statement for accessing your account, you can make this request through our Help Desk.

HTTP Strict Transport Security (HSTS) Implementation

Rackspace will be implementing HTTP Strict Transport Security (HSTS) to the Cloud Sites infrastructure on August 1, 2016. This security upgrade only applies to HTTPS sites. HSTS significantly improves website security, ensuring redirects are protected from information capture by attackers and protects from malicious redirects to phishing sites.

All Laughing Squid Web Hosting customers using SSL for their sites will need to resolve any mixed content warnings on their sites by August 1st to avoid down time. More information on what mixed content is and how to verify and correct it is available here:

https://developers.google.com/web/fundamentals/security/prevent-mixed-content/what-is-mixed-content?hl=en

To test changes prior to the implementation, put this line in the top of your .htaccess file:

Header Set Strict-Transport-Security "max-age=90"

This will cause HSTS to be strictly enforced on the site for up to 90 seconds, enough time to prevent the site from caching the enforcement while still allowing changes to any page(s) if needed. On August 1st, Rackspace will set the enforcement time to 180 days, which is the full implementation recommendation. After this any mixed content sites will be unable to serve content properly.

If you have issues with the new HSTS implementation, please contact us through the Help Desk.