Pantheon release notes: Deprecated

Pantheon is updating our SFTP access control, requiring the use of SSH keys starting April 30, 2024. Access via Pantheon usernames and passwords will be disabled.

You'll still access the web dashboard with your username/password or Single Sign-On, but SFTP access (e.g., via terminal or applications like Filezilla or Cyberduck) will need an SSH key.

We are making this change to maintain a secure and reliable platform. Learn how to configure your SFTP client with SSH keys in our documentation.

In Pantheon's continual efforts to stay up to date with modern web security standards, Pantheon is removing support for a certain set of cipher suites for TLS 1.2. By removing support for specific TLS 1.2 ciphers, Pantheon is enhancing overall platform security. This change ensures that the websites hosted on Pantheon will only use stronger and more secure encryption protocols, which helps protect sensitive information transmitted between users and the websites.

The following obsolete TLS 1.2 ciphers have known vulnerabilities and have been removed:

• TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
• TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
• TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
• TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
• TLS_RSA_WITH_AES_128_CBC_SHA
• TLS_RSA_WITH_AES_128_GCM_SHA256
• TLS_RSA_WITH_AES_256_CBC_SHA

Pantheon has proactively identified and communicated with affected customers. No action is required at this time, but if you have any questions/concerns, please feel free to reach out to your Account Team at Pantheon or to Pantheon Support via a ticket or chat.

As part of our end-of-life plan to retire the Legacy Edge, CNAMEs edge.live.getpantheon.com and styx-01.pantheon.io now point to Global CDN.  This change allows for the transition of sites to Global CDN with minimal interruption. Permanent shutdown happens on February 1, 2022.

On March 5th, the cost for legacy load balancers increased from $30/month to $60/month. To avoid increased charges, upgrade to the Global CDN, which includes free, automated HTTPS, by updating DNS records.

In keeping with the recommendations of PCI DSS, we no longer support TLS 1.0 for customer sites. Older browsers and mobile devices that do not support TLS 1.1 and 1.2 will likely experience problems and security vulnerabilities. If you need to continue support for TLS 1.0, you can do so with Cloudflare. For details, see Cloudflare's documentation.

On February 24th 2016, Drupal 6 will no longer be supported by the Drupal community. Read more about it in Drew Gorton’s blog post.

in place of the campaign attributes in the original URL. Now you will no longer experience PANTHEON_STRIPPED normalization in any of your Google Analytics reports.