Remove TLSv1 and TLSv1.1 and add TLSv1.3 (#641)

In 2022, TLSv1 and TLSv1.1 is insecure.
getredash · Sep 23, 2024 · ebae83b · ebae83b
1 parent 132a988
commit ebae83b
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/src/pages/kb/open-source/admin-guide/https-ssl-setup.md b/src/pages/kb/open-source/admin-guide/https-ssl-setup.md
@@ -48,7 +48,7 @@ server {
   ssl_certificate_key /path-to/cert.key;
 
   # Specifies that we don't want to use SSLv2 (insecure) or SSLv3 (exploitable)
-  ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
+  ssl_protocols TLSv1.2 TLSv1.3;
   # Uses the server's ciphers rather than the client's
   ssl_prefer_server_ciphers on;
   # Specifies which ciphers are okay and which are not okay. List taken from https://raymii.org/s/tutorials/Strong_SSL_Security_On_nginx.html