Remediation Steps
Follow the steps below to remediate this finding on Apache webserver.
In the Apache SSL configuration, update SSLProtocol to exclude TLS 1.0:
SSLProtocol all -SSLv3 -TLSv1 -TLSv1.1Reload Apache:
sudo systemctl reload apache2
Follow the steps below to remediate this finding on Apache webserver.
In the Apache SSL configuration, update SSLProtocol to exclude TLS 1.0:
SSLProtocol all -SSLv3 -TLSv1 -TLSv1.1Reload Apache:
sudo systemctl reload apache2