Tutorial Apache - Disable SSL, TLS 1.0, and TLS 1.1 [ Step by step ]

Would you like to learn how to disable SSL, TLS 1.0, and TLS 1.1 on the Apache server? In this tutorial, we are going to show you how to enable the use of TLS 1.2 and TLS 1.3 on the Apache server.

• Ubuntu 20
• Ubuntu 19
• Ubuntu 18
• Apache 2.4.41

In our example, the Apache server is hosting the website WWW.GAMEKING.TIPS

Copyright © 2018-2021 by Techexpert.tips.
All rights reserved. No part of this publication may be reproduced, distributed, or transmitted in any form or by any means without the prior written permission of the publisher.

Apache - Related Tutorial:

On this page, we offer quick access to a list of tutorials related to Apache.

Tutorial Apache - Disable SSL, TLS 1.0, and TLS 1.1

Install the Apache server.

Copy to Clipboard

Enable the required Apache modules.

Copy to Clipboard

Edit the Apache configuration file for the website.

Copy to Clipboard

On the HTTPS area, add the following lines to this configuration file.

Copy to Clipboard

Make sure that you have an HTTPS website configured on the Apache server.

As an example, here is our configuration file.

Copy to Clipboard

<VirtualHost *:80>
        RewriteEngine On
        RewriteCond %{HTTPS} !=on
        RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R=301,L]
</virtualhost>
<VirtualHost *:443>
        ServerAdmin webmaster@localhost
        DocumentRoot /var/www/html
        ErrorLog ${APACHE_LOG_DIR}/error.log
        CustomLog ${APACHE_LOG_DIR}/access.log combined
        SSLEngine on
        SSLCertificateFile /etc/apache2/certificate/apache-certificate.crt
        SSLCertificateKeyFile /etc/apache2/certificate/apache.key
SSLEngine on
SSLProtocol             all -SSLv2 -SSLv3
SSLCipherSuite          ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS
SSLHonorCipherOrder     on
SSLCompression          off
SSLOptions +StrictRequire
</VirtualHost>

Restart the Apache service.

Copy to Clipboard

In our example, the Apache server will only accept the protocols TLS 1.2 and TLS 1.3.

In our example, the Apache server will only accept strong encryption algorithms.

From a remote computer, test an Apache connection using TLS 1.1.

Copy to Clipboard

Here is the command output.

Copy to Clipboard

From a remote computer, test an Apache connection using TLS 1.2.

Copy to Clipboard

Here is the command output.

Copy to Clipboard

From a remote computer, test an Apache connection using TLS 1.3.

Copy to Clipboard

Here is the command output.

Copy to Clipboard

Congratulations! You enabled the use of TLS 1.2 and TLS 1.3 on the Apache server.

Apache - Disable SSL, TLS 1.0, and TLS 1.1

Apache - Disable SSL, TLS 1.0, and TLS 1.1

Equipment list

Apache - Related Tutorial:

Tutorial Apache - Disable SSL, TLS 1.0, and TLS 1.1

Related Posts