Knowledgebase

Disabling SSL 3.0 and TLS 1.0 in your browsers and enabling new versions  Print this Article

After POODLE many things has changed, the big ones like Google, Chrome, Microsoft, Mozilla had to reinforce the security in their browsers completely removing SSL 3.0 and TLS 1.0 cyphers protocols cause POODLE used these protocols as attack vectors.

While removing SSL 3.0 is a good thing, this disclosed that the version of TLS 1.0 was also vulnerable, but this version is still active by default in many browsers and operating systems. In this article we will see how to disable it in the mayor browsers so you can have an increased security while surfing the web.



Firefox

1. In the address bar, type "about:config" and press Enter.



2. In the search box enter "tls". Find and double-click on  "security.tls.version.min".



3. Change the integer value to "2" to force the minimum version of the protocol to TLS 1.1 (entering "3" will force it to TLS 1.2).

You can also make sure that "security.tls.version.max" is "4" (this will force the maximum version of TLS to be TLS 1.3, which is the most current and secure).



4. This configuration will now show the new value and will be effective immediately (it is convenient to clean the browser cache and also restart it).




Chrome

1. Open Google Chrome.
2. Press the "ALT + F" key combination and select the "Settings" option.


3. Scroll down and select "Advanced Settings".


4. Scroll down to the "System" section and click "Open proxy settings".


5. In the new window select the "Advanced" tab.


6. Scroll down to the "Security" options and make sure you have checked the boxes "Use TLS 1.1" and "Use TLS 1.2" and UNCHECKED "Use TLS 1.0" and "Use SSL 3.0".
7. Click on the "Apply" button and then "OK".
8. This configuration will be effective immediately (it is convenient to clean the browser cache and also restart it).

You can also enable TLS 1.3 which is the most current and secure version, typing "chrome://flags/#tls13-variant" in the Chrome browser bar and ensure the options is not disabled. You can select Default or Enabled.





Microsoft Internet Explorer

1. Open Internet Explorer.
2. From the Menu bar, go to "Internet Options".


3. Then go to the "Advanced Options" tab.
4. Scroll down to the "Security" options and make sure you have checked the boxes "Use TLS 1.1" and "Use TLS 1.2" and UNCHEKED "Use TLS 1.0" and "Use SSL 3.0".
5. Click on the "Apply" button and then "OK".
6. This configuration will be effective immediately (it is convenient to clean the browser cache and also restart it).

You can test your browser security using the following tools online:

https://www.cloudflare.com/ssl/encrypted-sni/

https://www.howsmyssl.com/

https://www.ssllabs.com/ssltest/viewMyClient.html

Was this answer helpful?

Related Articles

How can i change the MySQL characters encoding to UTF8?
By default the encoding is latin1 but you could try to workaround your code.   To change the...
Oscommerce is showing a blank page in the categories pages
If you made no changes in your account or oscommerce script and this happened suddenly then there...
I have the register_globals disabled server wide, how can i enable it in my account?
This option is available in all our shared cPanel hosting accounts.Please note if your script is...
How could i change the PHP encoding in my scripts?
You could try changing it sending the headers in your php code, i.e.:   header('Vary:...
How do i parse .html files as .shtml (SSI)?
You can add the following line in your .htaccess file:   AddHandler server-parsed .html   or...