Due to the critical nature of this out-of-band .NET 10 update, we will be rolling out these changes immediately to all servers with .NET 10 installed.

We apologise for the short notice and appreciate your cooperation in keeping the network secure.

Update
This was completed by 06:30 BST

Web Wiz use multiple IP transit providers. To ensure zero downtime for our customers, our engineering team will manually reroute traffic via our alternative BGP paths prior to the start of the maintenance window.

We will restore the GTT path once the provider has confirmed their network is stable.

Effective April  2026, the following legacy .NET Core frameworks will be decommissioned and removed from our shared hosting service:

After this date, applications targeting these versions will no longer run on our infrastructure.

The primary driver for this removal is security. These versions have long passed their official support window from Microsoft, meaning they no longer receive critical security patches.

Specifically, we have seen an increase in vulnerabilities related to CSV, Remove Code Execution (RCE) and Data Injection. Older frameworks often lack the modern, built-in sanitisation libraries required to defend against leaving the website and web server vulnerable to attacks. 

By moving to supported versions (such as ASP.NET 8, ASP.NET 9 or ASP.NET 10), you benefit from updated security, better encryption standards, and native protection against modern injection flaws.

To avoid any service interruption, please take the following steps before the April 2026 deadline:

What if you can't move to a newer ASP.NET version

Option 1. Self-Contained Deployment
A Self-Contained Deployment means that your website will include its own copy of the .NET runtime files inside its application folder, rather than relying on the shared versions installed on our server. This ensures your site continues to work exactly as it does now, even as we remove older, unsupported versions of .NET from the server for security reasons. For further information see; How to Publish Your Site as "Self-Contained"

Option 2. Move to Dedicated Web Hosting

If you are unable to update your application to a newer version of ASP.NET and are happy to accept the security risks, we can provide custom hosting plans that can support legacy applications and frameworks through our Dedicated Web Hosting, for more info see; Windows Dedicated Web Hosting 

We appreciate your cooperation in keeping our platform—and your data—secure.

As global standards from Google and Apple push for shorter SSL certificate lifespans starting from March 2026 (moving toward 30-day cycles), we are modernising our SSL infrastructure to ensure your sites stay secure without the risk of manual expiry.

Because certificates will soon expire every few weeks rather than once a year, manual renewals are no longer a safe or viable option. To protect your uptime, we are moving to fully automated systems.

The Plan: Transitioning to Let’s Encrypt Automation Starting in March 2026, we will begin migrating all shared hosting accounts to Let’s Encrypt certificates.

The Plan: Professional ACME Management & Monitoring Dedicated environments require specialised handling to meet the new 30-day industry requirements. We are implementing an ACME (Automated Certificate Management Environment) Client on your server.

Manual renewals are becoming a thing of the past. With certificates expiring every few weeks rather than once a year, automation is the only way to prevent your website from showing "Insecure" warnings to your customers. We are making these changes now to keep your business ahead of the curve.