Nginx - Disable SSL 2.0 and SSL 3.0

Last updated on 28 Sep 2023, 10:23:06.
Category: All about SSL certificates | SSL technical

Nginx SSL v2 SSL v3

This article explains how to disable the SSL 2.0 and SSL 3.0 protocols on your Nginx web server.

Why disable SSL v2 en SSL v3?

SSL 2.0 and SSL 3.0 are obsolete versions of the SSL protocol that have long since been superseded by the more secure Transport Layer Security (TLS) protocol, dat betere beveiliging biedt. In addition, a SSL 3.0 security flaw nicknamed POODLE was discovered in 2014, allowing an attacker to completely circumvent SSL security. You should disable those protocols on your Nginx webserver for better security.

Step 1: Find the SSL sites on your Nginx webserver

Unless you only need to modify one site, in which case you can just open the virtual hosts file you need, try to find all SSL websites with the following command, executed in the root directory of your Nginx installation:

grep -r ssl_certificate *

This will list all SSL server blocks you need to modify.

Step 2: Modify the virtual hosts

Using vi or your favourite text editor, add or modify the following line in each server block that needs updating:

ssl_protocols TLSv1.2 TLSv1.1 TLSv1;

Step 3: Restart Nginx

Restart your webserver with the following command:

/etc/init.d/nginx restart

Related articles

Kinamo mail server settings (mail server cheat sheet)

The following article provides the basic settings and server names (domain names) for the Kinamo mail infrastructure. These settings allow...

Read more

Create an automatic SPAM filter in the Kinamo Webmail

This article explains how you may create a filter that will automatically place SPAM messages in a special folder, so...

Read more

Order an SSL certificate? What is an SSL certificate?

You need to order an SSL certificate? But what is an SSL certificate? And why is everyone saying that it...

Read more

Need extra help?

Were not all your questions answered?
Don't worry, we will be happy to help you via a support request!

Select your language

All languages: