What does this warning mean?
Sitebulb has identified that it cannot establish a secure connection to the website you're trying to crawl.
When this issue occurs, you will see a warning message saying 'TLS 1.3 is disabled on this computer':
You may also see this warning after an audit has completed, if only a single URL was crawled:
Why is this happening?
When your browser connects to a website, it performs a "TLS handshake" to establish a secure, encrypted connection. The majority of websites support both TLS 1.2 and TLS 1.3, which means the connection can succeed using either protocol. However, a small number of websites are configured to only accept TLS 1.3 connections.
This becomes a problem when TLS 1.3 is not available on your machine. There are two common scenarios where this can occur:
Windows: Antivirus software has disabled TLS 1.3
Some antivirus programs, such as ESET, disable TLS 1.3 on your computer by modifying Windows registry settings. They do this to perform deep packet inspection on your network traffic, which requires downgrading connections to TLS 1.2. For most websites this is invisible, because they support both protocols. But for TLS 1.3-only websites, the connection will fail entirely.
macOS: Platform limitation
On macOS, Sitebulb Desktop currently has a known limitation that prevents it from connecting to TLS 1.3-only websites. There is no user-side workaround for this at present.
What can I do?
If you manage the website
The recommended fix is to enable TLS 1.2 support alongside TLS 1.3 on the web server. TLS 1.2 remains a secure protocol that passes PCI compliance requirements, and disabling it can cause problems for a portion of your visitors and the tools they use.
Around 5% of browsers on the internet do not support TLS 1.3, meaning a TLS 1.3-only configuration may be silently rejecting real visitors, therefore tool and bot compatibility is even lower. Because the TLS handshake happens before any HTTP traffic is exchanged, these failed connections are completely invisible to the website owner.
If you are using a CDN or hosting provider such as Cloudflare, the TLS version settings can usually be adjusted in the SSL/TLS section of your dashboard.
If you are a Windows user trying to crawl a TLS 1.3-only website
If TLS 1.3 has been disabled on your machine by antivirus software, you may be able to re-enable it. Before doing so, be aware that this may affect your antivirus software's ability to inspect encrypted traffic.
To check and re-enable TLS 1.3 on Windows:
Open Registry Editor (press Win + R, type
regedit, and press Enter).Navigate to:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.3\ClientIf a value called
Enabledexists and is set to0, this means TLS 1.3 has been disabled.Change the value of
Enabledto1to re-enable TLS 1.3.Restart your computer for the change to take effect.
If the TLS 1.3 key or Client subkey does not exist in your registry, TLS 1.3 has not been disabled at the registry level and the issue may have a different cause. Please contact [email protected] for further assistance.
Note: Modifying registry settings can affect how your computer operates. If you are unsure, consult your IT department or antivirus provider before making changes.
If you are a macOS user
There is currently no workaround available for macOS. The website owner will need to enable TLS 1.2 support on their server for the crawl to succeed.
Still need help?
If you are still experiencing connection errors after trying the steps above, please get in touch at [email protected] and we will be happy to help.