Skip to main content

Remediation Steps

Follow the steps below to remediate this finding on Microsoft IIS webserver.

  1. Use IIS Crypto to disable TLS 1.0.

  2. Open IIS Crypto, select the "Best Practices" template or manually uncheck TLS 1.0 under the Protocols section.

  3. Click Apply and reboot the server.

  4. Alternatively, disable via the registry:

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.0\Server]
"Enabled"=dword:00000000
"DisabledByDefault"=dword:00000001
Back to top