Disable TLS 1.0/1.1 in Apache Server

1. Open Apache configuration

Open a terminal and run the following command to open the Apache configuration file.

$ sudo vi /etc/apache2/httpd.conf

2. Disable TLS 1.0/1.1

Look for the SSLProtocol line, the last line of the block below.

#   SSL Protocol support:
# List the enable protocol levels with which clients will be able to
# connect.  Disable SSLv2 access by default:
SSLProtocol all -SSLv2 -SSLv3 

Change it to

#   SSL Protocol support:
# List the enable protocol levels with which clients will be able to
# connect.  Disable SSLv2 access by default:
SSLProtocol all -SSLv2 -SSLv3 -TLSv1 -TLSv1.1

3. Update SSLCipherSuite (Optional)

We will also tighten the SSLCipherSuite setting: the new value drops the MEDIUM group and excludes 3DES. This step is optional and can be skipped if you want.

Look for the following lines.

#   SSL Cipher Suite:
# List the ciphers that the client is permitted to negotiate.
# See the mod_ssl documentation for a complete list.
SSLCipherSuite HIGH:MEDIUM:!aNULL:!MD5:!SEED:!IDEA

Replace the SSLCipherSuite line as shown below, and add SSLHonorCipherOrder on after it so that the server's cipher preference order is used instead of the client's.

#   SSL Cipher Suite:
# List the ciphers that the client is permitted to negotiate.
# See the mod_ssl documentation for a complete list.
SSLCipherSuite HIGH:!aNULL:!MD5:!3DES
SSLHonorCipherOrder on

Save and exit the file.

4. Restart Apache Server

Restart Apache Server to apply the changes.

$ sudo service apache2 restart
OR
$ sudo service httpd restart
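
A check that can be run on the edited file before restarting, as an added example that is not part of the original post: the function check_ssl_protocol (a name chosen here) evaluates each active SSLProtocol line and reports any that still leaves TLSv1 or TLSv1.1 enabled. It reads one file per call and does not follow Include directives; the sample config it runs on is constructed.

```shell
#!/bin/sh
# check_ssl_protocol FILE
# Prints every uncommented SSLProtocol line that still enables TLSv1 or
# TLSv1.1. Exit status: 1 if any such line exists, 0 otherwise.
check_ssl_protocol() {
    awk '
    /^[ \t]*#/ { next }                      # ignore commented-out directives
    tolower($1) == "sslprotocol" {
        v10 = 0; v11 = 0                     # effective state for this line
        for (i = 2; i <= NF; i++) {
            tok = tolower($i)
            sign = substr(tok, 1, 1); name = tok
            if (sign == "+" || sign == "-") name = substr(tok, 2)
            # "all" includes TLSv1 and TLSv1.1 along with the newer versions
            hit10 = (name == "all" || name == "tlsv1")
            hit11 = (name == "all" || name == "tlsv1.1")
            if (sign == "-") {
                if (hit10) v10 = 0
                if (hit11) v11 = 0
            } else if (sign == "+") {
                if (hit10) v10 = 1
                if (hit11) v11 = 1
            } else {
                # Assumption: a name without +/- replaces the set built so far
                v10 = hit10; v11 = hit11
            }
        }
        if (v10 || v11) {
            printf "%s:%d: %s%sstill enabled\n", FILENAME, FNR, (v10 ? "TLSv1 " : ""), (v11 ? "TLSv1.1 " : "")
            bad = 1
        }
    }
    END { exit bad + 0 }
    ' "$1"
}

# Constructed sample: the "before" line from step 2, not a real server config.
sample=$(mktemp)
printf '%s\n' '# SSLProtocol all' 'SSLProtocol all -SSLv2 -SSLv3' > "$sample"
check_ssl_protocol "$sample" || echo "old protocols still enabled; edit and re-check"
rm -f "$sample"
```

Run it once per file that contains an SSLProtocol directive, since a VirtualHost can set its own value. Running apachectl configtest before the restart catches syntax errors in the edited file.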

About Damon Luong

San Jose, California