Product

Beginning today, all new load balancers will use a security policy that no longer supports TLS 1.0 and TLS 1.1.

Following the release of Composer 2 on October 24th, we wanted to share a guide on how to upgrade your servers to make the most of all the great benefits it brings. First, all new servers will automatically receive Composer 2 by default. For existing servers, you should **delete and recreate** (if desired) the scheduled job within your Forge dashboard that updates your Composer installation every week. By default, Forge created this job with the` --1` flag, which instructs Composer to not upgrade to 2.0. After you have deleted the scheduled task, you may recreate it without the `--1` flag. Next, you have two options: 1. SSH into each of your servers and manually upgrade Composer. 2. Create a recipe and run it against each of your servers. For those of you with just a few servers, connecting to the server and manually running the upgrade command is likely sufficient; however, if you have multiple servers that need upgrading, you can save yourself time by creating a recipe. To upgrade, the following command should be executed: ``` composer self-update --2 ``` This will instruct Composer to update itself and specifically select version 2. And that’s it, we’re done! If your application is not compatible with Composer 2, you can roll back to Composer 1 at any time: ``` composer self-update --1 ``` ---

As of today, newly issued LetsEncrypt certificates on Laravel Forge servers that run on Ubuntu 20.04 have TLS 1.3 enabled by default. TLS 1.3 offers a faster handshake and more secure cipher suites. If you have an existing LetsEncrypt certificate, you will need to issue a new one and activate it in order to receive the upgrade to TLS 1.3.