View All Products
Compute
Storage
Databases
Networking
Developer Tools
Delivery
Security
Services
Industries
Pricing
Community
Engage With Us
Community Questions What's the best way to set up a web server to only use TLS 1.2?
Log in to Ask a Question

What's the best way to set up a web server to only use TLS 1.2?

apache nginx ssl tls tls12
Linode Staff

How can Apache or Nginx best be configured to only allow connections using TLS 1.2, and prevent connections from other SSL or TLS protocols?

1 Reply

Linode Staff

In both Nginx and Apache you can specify which SSL or TLS protocols to use in the virtual host configuration for a specific website, or in the overall configuration for HTTPS connections.

For Apache you can use the following directive:

SSLProtocol all -SSLv2 -SSLv2 -TLSv1.0 -TLSv1.1

You can also reverse it, as so:

SSLProtocol -all TLSv1.2

There's more information on configuring SSL certificates and mod_ssl in Apache here.

For Nginx you use a slightly different directive:

ssl_protocols TLSv1.2;

There's an official guide on configuring HTTPS in Nginx here.

Reply

Please enter an answer
Tips:

You can mention users to notify them: @username

You can use Markdown to format your question. For more examples see the Markdown Cheatsheet.

> I’m a blockquote.

I’m a blockquote.

[I'm a link] (https://www.google.com)

I'm a link

**I am bold** I am bold

*I am italicized* I am italicized

Log in to Reply
Community Code of Conduct