HTTPS: Difference between revisions
Jump to navigation
Jump to search
No edit summary |
|||
(One intermediate revision by the same user not shown) | |||
Line 4: | Line 4: | ||
* Support TLSv1.3 | * Support TLSv1.3 | ||
* Do not support SSLv3 or lower | * Do not support SSLv3 or lower | ||
* Disable support for TLS 1.0 and TLS 1.1, but beware of incompatible clients | |||
== Links == | |||
* [https://nullsweep.com/http-security-headers-a-complete-guide/ HTTP Security Headers - A Complete Guide] |
Latest revision as of 16:33, 25 September 2019
Ways to improve HTTPS connections
- DNS CAA records - these restrict which certificate authorities are valid for the domain.
- Support TLSv1.3
- Do not support SSLv3 or lower
- Disable support for TLS 1.0 and TLS 1.1, but beware of incompatible clients