Disable TLS1.1 is a good idea ?

Post Reply
User avatar
odbox
Posts: 2
Joined: Wed Jan 27, 2021 8:04 am

Hello and first of all thank you for adding me.
I'm really new in hosting and I'm learning. I love your project that is exactly that I was searching, really clear, really simple, really essentials.

Second, you have to excuse my English because I'am French.

Then, I'm using myVesta as default installation and deals web template PHP-FPM-73 / Proxy ans SSL support.
Server : Apache+nginx, exim, bind, Dovecot, clamav,spamassassin, mysql, proftpd, iptables, fail2ban, cron.

just a little question about TLS, I've heard that it is quiet good to disabled TLS1.1 and just use 1.2 or also 1.3 but I see that TLS1.1 is in use in myVesta. Do you think it will cause problems if I disable TLS1.1

( and last but not least I really don't know how to do that perhaps it is this line in CONFIGURING SERVER / NGINX ??

Code: Select all

# SSL PCI Compliance
ssl_session_cache   shared:SSL:10m;
ssl_protocols       TLSv1.1 TLSv1.2;
Do I would have to remove TLSv1.1 and just that to do, I think its a little bit more complicated, or not...

Many thanks by advance.

Tags:
User avatar
myVesta
Site Admin
Posts: 928
Joined: Fri Jun 19, 2020 9:59 am
Has thanked: 8 times
Been thanked: 6 times

I think it's safe to do that.
You can also add "TLSv1.3", I think it will works.
User avatar
odbox
Posts: 2
Joined: Wed Jan 27, 2021 8:04 am

It's done and it is working good.

Added TLSv1.3 and removing TLSv1.1 (NGINX config.) and restart.

Code: Select all

# SSL PCI Compliance
ssl_session_cache   shared:SSL:10m;
ssl_protocols       TLSv1.2 TLSv1.3;
Thank you !
stefansweb
Posts: 3
Joined: Wed Sep 07, 2022 11:04 pm

What command I need to enter to get that?
Post Reply