At WP Engine, we know our customers come to us for a fully managed, high performing WordPress digital experience platform. To meet customer needs, we’re constantly looking for ways to tweak our platform and make sure our customers are running the fastest and most secure WordPress sites in the world.
With that in mind, we’re pleased to announce that TLS 1.3, the latest in Transport Layer Security protocol, is now available to the majority of WP Engine customers (we’ll be rolling out the change to the remainder of customers in the coming weeks), and all WP Engine customers will receive TLS 1.3 at no extra cost!
What is TLS?
TLS (Transport Layer Security) is a security protocol that’s used to secure connections on the web. TLS is an essential part of running a secure website, as it provides the ability to form connections that are confidential, authenticated, and tamper-proof. It’s also a key part of protecting your site against data breaches and DDoS attacks. Encrypting the connection between web applications and servers is a primary use of TLS, but it can also be used to protect other forms of communication, like email and VOIP. TLS actually evolved from SSL technology, and for this reason, the term TLS and SSL are often used interchangeably.
How does TLS improve performance?
You may be wondering how encryption technology like TLS can improve site performance. To understand this, let’s explain how TLS works.
A TLS connection on a website is instituted through a series of handshakes between the web application and the server. These handshakes have three main purposes: they encrypt data, authenticate users, and inspect data integrity. The web application and the server go through a series of handshakes to establish the TLS connection, and as you might expect, this back-and-forth adds to site load time. Although this typically adds up to just milliseconds, which is certainly a fair trade-off for site security, every bit of load time is precious.
Due to its wide range of use cases, TLS is a large focus for security research, and over the years, a lot of improvements have been made to improve the speed at which the handshakes occur in a TLS connection. In TLS 1.3, the latest version of TLS now available on WP Engine’s platform, the number of handshakes has been reduced, which is an extremely effective way to speed up the TLS connection. Customers in high latency networks, where the handshakes have to travel far distances, can expect a performance benefit from this update (check out this article for more information about how TLS 1.3 requires fewer handshakes than version 1.2 ).
Other reasons to adopt TLS 1.3
Performance benefits are not the only improvement found in TLS 1.3. A number of bugs that had significant security implications have been found in the previous protocol, TLS 1.2. Revisions have been published to address these flaws, and we’ve adopted these changes in the latest version.
Furthermore, developers should be aware that Google Chrome will also deprecate TLS 1.0 and TLS 1.1 in Chrome 72. Sites using these versions of TLS will begin to see deprecation warnings in the DevTools console in that release. TLS 1.0 and 1.1 will be disabled altogether in Chrome 81. This will affect users on early release channels beginning in January 2020. Apple, Microsoft, and Mozilla have made similar announcements. In accordance, WP Engine will be removing support for TLS versions 1.0 and 1.1 on March 1, 2020.
How can I adopt it?
TLS 1.3 will become a default setting for customers who have any SSL on the WP Engine platform (even 3rd party, non-LetsEncrypt). Note: not all browsers will support TLS 1.3 but this doesn’t have any adverse effect on your site, it will just default to TLS 1.2.
At WP Engine, we treat platform performance as a product that’s never complete. The availability of TLS 1.3 comes on the heels of two major platform performance improvements announced in Q3 2019: our rollout of the Next Generation Hardware from Google, resulting in a 40% performance improvement, and a 15% improvement in backend performance. We are planning to implement further platform optimizations in Q4 2019, so stay tuned for more updates.