Disabling Tls1.0 And Tls1.1 In Nginx

Nginx SSL/TLS Protocol Settings

Specify SSL/TLS protocol settings in the primary Nginx configuration file, usually located at /etc/nginx/nginx.conf, or in your site configuration files. Look for a line beginning with ssl_protocols. For instance, the following is extracted from the default nginx.conf file of a fresh Nginx installation on Ubuntu:

ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; # Dropping SSLv3, ref: POODLE

Edit this line to include only current, secure versions of SSL/TLS:

ssl_protocols TLSv1.2 TLSv1.3;

Keep in mind that settings in your default SSL configuration may be overridden by server blocks configuring individual domain names. Therefore, check for those if changes to your protocol settings are not reflected on your website.

After making configuration changes, reload Nginx to apply them. For more information, refer to Nginx’s documentation on configuring HTTPS servers.