How to secure your TLS configuration
A correctly configured TLS encryption ensures that your users only get content from your web application that has not been tampered with and cannot be eavesdropped on. Learn here how you can secure your TLS Configuration.
Based on the specific cipher suite, the values can differ from one to another. For the exact value of each cipher suite, see the table below.
CVSS Vector: AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
What Is TLS Configuration and Why It Is Important
A correctly configured TLS encryption ensures that your users only get content from your web application. This means there is no unregulated tampering with the exchanged communication, and users cannot eavesdrop on through the Transport Layer Security protocol.
It is paramount to configure the Transport Layer Security protocol correctly to ensure the real security of your systems. If this is not done, this may create a sense of security that is not backed in reality.
One of the main aspects of TLS configuration is using suitable profiles. Internet organizations recommend profiles, and following them is a good practice.
Legacy profiles for TLS 1.1 and 1.0 have been found to have a lot of vulnerabilities. You should set up a migration plan to replace them with new versions.
How to Check Your TLS Security Settings for Optimal Security
In your TLS configuration, you should set the allowed Transport Layer Security protocol version and ciphers to the most up-to-date values, which are considered secure now.
First and foremost, it is essential to disable all older versions of the Transport Layer Security protocol, such as TLS 1.1 and 1.0. It is also a good idea to disable features that have proven to be insecure. More specifically, it is best to disable insecure renegotiation, insecure protocol downgrade, record compression, export key generation, and support for SSL 2.
As for TLS 1.3, it is advised not to use the zero round trip mode or 0-RTT. If it is enabled, clients can send data in a Transport Layer Security session before the complete TLS handshake. This can give way to replay attacks and other security vulnerabilities. So it is best to avoid 0-RTT mode unless application protocols have specific protection for replay attacks.
See the TLS configuration proposal offered by Mozilla or use the SSL Config Generator.
How to Secure TLS Configuration
For secure TLS configuration, it is crucial to use vital and trusted certificates, as described in Configure Trusted Certificates.
Recommended server certificate configurations:
- Opt-in for the latest SSL/TLS protocol. Currently, modern versions 1.3 or 1.2 of the Transport Layer Security protocol exist.
- Check if you have any intermediate certificates. If you do, install them on your server so browsers get a full certification path.
- Ensure that your certificate applies to all of your hostnames.
- Use TLS implementations with AES cipher** variants rather than older versions with weak ciphers like DES.
- Opt-in for TLS Session Resumption to skip constant session key renegotiation.
- Enable Forward Secrecy (FS), also known as Perfect Forward Secrecy (PFS), to protect past session keys in case a private key is compromised.
- Select secure cipher suites. Recommended cipher suite requirements are a minimum of 128-bit encryption.
The following guides explain how to configure the SSL/TLS encryption for your Apache and Nginx web server.
In the case of Apache, the SSL/TLS configuration is stored in
If you use Let's Encrypt, the configuration may reside in
To enable only acceptable cipher suites with high encryption and current protocols set:
SSLProtocol all -SSLv3 -TLSv1 -TLSv1.1
Then it would be best if you reloaded the Apache server configuration for the new settings to take effect.
Note that this action limits the eligible default cipher suites and protocol versions to recent Transport Layer Security versions, which might lead users with older browsers to lose access.
For Nginx, update the configuration file which is usually located at
/etc/nginx/sited-enabled/yoursite.com (Ubuntu/Debian) or
Add the following directive to the server section:
Then it would help if you restarted the Nginx server.
Note that this limits the cipher suites and protocol version to recent Transport Layer Security versions. Users with older browsers may lose access.