Vulnscanner Blog

logo
Menu
logo
Menu

Enabling TLS 1.3 in Apache and Nginx

In the ever-evolving landscape of internet security, staying ahead of the curve is paramount. One essential step towards fortifying your website’s defenses is enabling TLS 1.3, the latest and most secure version of the Transport Layer Security protocol. In this guide, we’ll walk you through the process of enabling TLS 1.3 on Apache and Nginx, two of the most widely used web servers.

Enable TLS 1.3 in Apache

Before diving into the configuration, ensure that your Apache version is 2.4.38 or above. Follow these simple steps:

Login to your Apache Web Server
Access your server, typically through a secure shell connection.

Locate the ssl.conf File:
The ssl.conf file is commonly found under either `/etc/httpd/conf.d/` or `/etc/apache2/mods-available/`. Use the following command to navigate to the directory:

cd /etc/httpd/conf.d/
or
cd /etc/apache2/mods-available/

Edit ssl.conf Using a Text Editor:
Open the ssl.conf file with your preferred text editor. In this example, we use the nano editor:

sudo nano ssl.conf

Modify SSLProtocols Configuration:
Locate the line starting with `SSLProtocols` and append `+TLSv1.3` to include the latest protocol:

SSLProtocols — all +TLSv1 +TLSv1.1 +TLSv1.2 +TLSv1.3

Save the file and exit the editor.

ctrl + x
ctrl + y

Enable TLS 1.3 in Apache

Ensure that your Nginx version is 1.13 or higher before proceeding. Follow these steps to enable TLS 1.3:

Login to your Nginx Server
Connect to your Nginx server using your preferred method.

Locate the ssl.conf File:
The nginx.conf file is usually located at `/etc/nginx/nginx.conf`. Use the following command:

sudo nano /etc/nginx/nginx.conf

Modify SSL Protocols Configuration:
Locate the line beginning with `ssl_protocols` and add `TLSv1.3` to the list:

ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3;

Save the file and exit the editor.

ctrl + x
ctrl + y

Restart Nginx:
Apply the changes by restarting Nginx:

sudo systemctl restart nginx

Conclusion

By following these straightforward steps, you’ve successfully enabled TLS 1.3 on both Apache and Nginx. This simple yet impactful enhancement ensures that your website utilizes the latest and most secure encryption protocols, safeguarding your users’ data and maintaining the integrity of your online presence. Stay secure, stay updated!