Disable TLSv1 in Nginx

Written by

Yujin Boby

in

To disable TLSv1 in nginx, add

ssl_protocols TLSv1.1 TLSv1.2;

in your server config.

if you are using letsencrypt SSL, edit file

vi /etc/letsencrypt/options-ssl-nginx.conf

Find

ssl_protocols TLSv1 TLSv1.1 TLSv1.2;

Replace with

ssl_protocols TLSv1.1 TLSv1.2;

Restart Nginx

service nginx restart

To verify, run

nmap --script ssl-enum-ciphers -p 443 DOMAIN.EXTN

This will list all supported SSL protocols.

nmap

Nginx SSL Configuration

See Nginx

Comments

Leave a Reply

Your email address will not be published. Required fields are marked *

More posts