{"id":640,"date":"2023-09-12T13:55:15","date_gmt":"2023-09-12T20:55:15","guid":{"rendered":"https:\/\/blog.iabsolute.com\/?p=640"},"modified":"2023-09-12T13:55:15","modified_gmt":"2023-09-12T20:55:15","slug":"disable-tls-1-0-1-1-in-apache-server","status":"publish","type":"post","link":"https:\/\/blog.iabsolute.com\/?p=640","title":{"rendered":"Disable TLS 1.0 \/1.1 in Apache Server"},"content":{"rendered":"\n<h2 class=\"wp-block-heading\">1. Open Apache configuration<\/h2>\n\n\n\n<p>Open terminal and run the following command to open Apache configuration file.<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\">$ sudo vi \/etc\/apache2\/httpd.conf<\/pre>\n\n\n\n<p>Also read :&nbsp;<a href=\"https:\/\/fedingo.com\/how-to-redirect-post-request-data-in-htaccess\/\">How to Redirect POST Request Data in .htaccess<\/a><\/p>\n\n\n\n<h2 class=\"wp-block-heading\">2. Disable TLS 1.0\/1.1<\/h2>\n\n\n\n<p>Look for the following line in&nbsp;<strong>bold<\/strong><\/p>\n\n\n\n<pre class=\"wp-block-preformatted\">#&nbsp; &nbsp;SSL Protocol support:\n# List the enable protocol levels with which clients will be able to\n# connect.&nbsp; Disable SSLv2 access by default:\n<strong>SSLProtocol all -SSLv2 -SSLv3&nbsp;<\/strong><\/pre>\n\n\n\n<p>Change it to<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\">#&nbsp; &nbsp;SSL Protocol support:\n# List the enable protocol levels with which clients will be able to\n# connect.&nbsp; Disable SSLv2 access by default:\n<strong>SSLProtocol all -SSLv2 -SSLv3&nbsp;-TLSv1 -TLSv1.1<\/strong><\/pre>\n\n\n\n<p>Also read :&nbsp;<a href=\"https:\/\/fedingo.com\/how-to-exclude-url-from-auth-in-apache\/\">How to Exclude URL from Auth in Apache<\/a><\/p>\n\n\n\n<h2 class=\"wp-block-heading\">3. Update SSLCipherSuite (Optional)<\/h2>\n\n\n\n<p>We will also update SSL Cipher Suite to be more secure. This step is optional and can be skipped if you want.<\/p>\n\n\n\n<p>Look for the following lines.<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\">#&nbsp; &nbsp;SSL Cipher Suite:\n# List the ciphers that the client is permitted to negotiate.\n# See the mod_ssl documentation for a complete list.\n<strong>SSLCipherSuite HIGH:MEDIUM:!aNULL:!MD5:!SEED:!IDEA<\/strong><\/pre>\n\n\n\n<p>Replace the last line above as shown below and also add&nbsp;<em>SSLHonorCipherOrder on<\/em>&nbsp;after that.<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\">#&nbsp; &nbsp;SSL Cipher Suite:\n# List the ciphers that the client is permitted to negotiate.\n# See the mod_ssl documentation for a complete list.\n<strong>SSLCipherSuite HIGH:!aNULL:!MD5:!3DES<\/strong>\n<strong>SSLHonorCipherOrder on<\/strong><\/pre>\n\n\n\n<p>Save and exit the file.<\/p>\n\n\n\n<p>Also read :&nbsp;<a href=\"https:\/\/fedingo.com\/how-to-check-number-of-concurrent-connections-in-apache\/\">How to Check Concurrent Connections in Apache<\/a><\/p>\n\n\n\n<h2 class=\"wp-block-heading\">4. Restart Apache Server<\/h2>\n\n\n\n<p>Restart Apache Server to apply changes<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\">$ sudo service apache2 restart\nOR\n$ sudo service httpd restart<\/pre>\n","protected":false},"excerpt":{"rendered":"<p>1. Open Apache configuration Open terminal and run the following command to open Apache configuration file. $ sudo vi \/etc\/apache2\/httpd.conf Also read :&nbsp;How to Redirect POST Request Data in .htaccess 2. Disable TLS 1.0\/1.1 Look for the following line in&nbsp;bold &hellip; <a href=\"https:\/\/blog.iabsolute.com\/?p=640\">Continue reading <span class=\"meta-nav\">&rarr;<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[25,2],"tags":[],"class_list":["post-640","post","type-post","status-publish","format-standard","hentry","category-apache","category-my-linux"],"_links":{"self":[{"href":"https:\/\/blog.iabsolute.com\/index.php?rest_route=\/wp\/v2\/posts\/640","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blog.iabsolute.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.iabsolute.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.iabsolute.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.iabsolute.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=640"}],"version-history":[{"count":1,"href":"https:\/\/blog.iabsolute.com\/index.php?rest_route=\/wp\/v2\/posts\/640\/revisions"}],"predecessor-version":[{"id":641,"href":"https:\/\/blog.iabsolute.com\/index.php?rest_route=\/wp\/v2\/posts\/640\/revisions\/641"}],"wp:attachment":[{"href":"https:\/\/blog.iabsolute.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=640"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.iabsolute.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=640"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.iabsolute.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=640"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}