How to disable weak ciphers on nginx

I’ve read and reposted this post here that explains how to remove some weak ciphers from nginx and apache.

It has been useful but I’ve found I needed to edit the string a little and remove some ciphers that Qualis SSL check considered weak.

Here’s the string, in case you have a similar need.



Hardening Your Web Server’s SSL Ciphers · Hynek Schlawack

There are many wordy articles on configuring your web server’s TLS ciphers. This is not one of them. Instead I will share a configuration which is both compatible enough for today’s needs and scores a straight “A” on Qualys’s SSL Server Test.

Source: Hardening Your Web Server’s SSL Ciphers · Hynek Schlawack