How to remove TLSv1.0 / 1.1 and enable TLS 1.3 in Nginx …

… on Ubuntu 18.04

In January 2020, SSL Labs will start to downgrade ratings for websites still using TLS 1.0 and TLS 1.1 Protocols. In this tutorial we will:

  1. Disable TLSv1.0 and TLSv1.1 and enable TLSv1.3,
  2. Enable HTTP/2 if it still isn’t,
  3. Improve Nginx security.

These changes should not affect servers using Let’s Encrypt / Certbot. Please BACKUP your server / websites now!

1. Disable TLS v1.0 and TLS v1.1, enable TLS v1.3

Should you really disable TLS v1.0 and TLS v1.1?

Disabling TLS 1.1 and 1.1 and improving cipher strength will cause problems for a small percentage of your audience: those using deprecated browsers / OS versions. On this example I disabled TLSv1 & v1.1 and removed weak ciphers on a server, resulting in several audience “losses”:

Disable TLS v1.0 and TLS v1.1 in Nginx on Ubuntu

As of November 29, 2019, most of the biggest Websites (Wikipedia, Google, Facebook) still support TLSv1.0 and TLSv1.1 as well as weaker cipher suites – maybe they have good reasons to do so. Twitter has already removed TLS 1.0 and 1.1 support.

If I disable TLS v1.0 and TLS v1.1, should I enable TLS v1.3?

Yes, you should definitely enable TLS v1.3 – even if you keep TLS 1.0 / 1.1. TLS 1.3 is faster than version 1.2, and it is already supported by most mainstream browsers (screenshot taken on November 29, 2019):

Enable TLS v1.3 in Nginx on Ubuntu

Use the following link to check the current browser support of TLS 1.3 on “Can I use”: Can I use TLS 1.3?

Disable TLS 1.0 / 1.1 and enable TLS 1.3

We are going to edit at least two different configuration files:

  • /etc/nginx/nginx.conf
  • /etc/nginx/sites-available/example.com (or /default)

If you use Certbot / Let’s Encrypt, we may also edit this third configuration file:

  • /etc/letsencrypt/options-ssl-nginx.conf

Step 1: edit nginx.conf

First, backup the nginx.conf configuration file:
sudo cp /etc/nginx/nginx.conf /etc/nginx/nginx.backup-tls

Then edit this configuration file, for example with Nano:
sudo nano /etc/nginx/nginx.conf

Look for the following line within a http { } block. This line may (or may not) be commented after a hash as follows:
ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE

Simply remove TLSv1 TLSv1.1 from the line. Add TLSv1.3, the line now should look like this:
ssl_protocols TLSv1.2 TLSv1.3;

Save the file by typing Ctrl + O, then ⏎ Enter and finally Ctrl + X to exit.

Check if the Nginx configuration is valid:
nginx -t

Reload Nginx:
sudo service nginx reload

As a last step, check if TLS 1.0 and 1.1 are effectively disabled on your host, for example using the SSL Labs server testing service. Step 1 may already be sufficient in some configurations.

What if TLS 1.0 and 1.1 are still NOT disabled?

Go on with step 2.

Step 2: edit the server block configuration file

Old SSL protocols may still be active in the server block configuration. Find your server configuration file:
cd /etc/nginx/sites-available/
ls -l

Edit the server block configuration, for example:
sudo nano /etc/nginx/sites-available/default
OR
sudo nano /etc/nginx/sites-available/example.com

Again, look for the following line:
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;

Remove the protocols marked in red, add TLSv1.3 to get the following line:
ssl_protocols TLSv1.2 TLSv1.3;

Save the file and exit nano ( Ctrl + O , ⏎ Enter , Ctrl + X ), test the configuration, reload Nginx, and test your Website.
nginx -t
sudo service nginx reload

What if you can’t find the ssl_protocols line in this file?

Go on with step 3.

Step 3: edit options-ssl-nginx.conf

If you use Certbot to generate or renew Let’s Encrypt certificates, you probably won’t find the ssl_protocols line, but the following “include” command:
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot

Exit nano without saving ( Ctrl + X ) and edit the Let’s Encrypt shared SSL settings:
sudo nano /etc/letsencrypt/options-ssl-nginx.conf

This configuration file is short:

# This file contains important security parameters. If you modify this file
# manually, Certbot will be unable to automatically provide future security
# updates. Instead, Certbot will print and log an error message with a path to
# the up-to-date file that you will need to refer to when manually updating
# this file.

ssl_session_cache shared:le_nginx_SSL:1m;
ssl_session_timeout 1440m;

ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;

ssl_ciphers "ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS";

Again, remove TLSv1 and TLSv1.1 in the following line and add TLSv1.3:
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;

The line should look like this:
ssl_protocols TLSv1.2 TLSv1.3;

Test the configuration, reload Nginx and test your Website.
nginx -t
sudo service nginx reload

Did these changes affect Certbot / Let’s Encrypt certifications renewals?

Check if renewal works using:
sudo certbot renew --dry-run

However, this check may be insufficient in our case. Please BACKUP your website before forcing a cert renewal:
certbot renew --force-renewal

In my experience, there were no problems with Certbot after making TLS version changes.

2. Enable HTTP/2 in Nginx

This part is really easy. First check your Nginx version:
nginx -v

To run HTTP/2, you must use Nginx version 1.9.5 or later – which should be no problem on Ubuntu 18.04 and later releases. You websites should also use SSL/TLS encryption.

Edit the server block configuration, for example:
sudo nano /etc/nginx/sites-available/default
OR
sudo nano /etc/nginx/sites-available/example.com

Look for the following lines within the server { } block:

# SSL configuration
listen 443 ssl default_server;
listen [::]:443 ssl default_server;

If you use Certbot, these lines will probably be at the end of the file and look like this:

listen [::]:443 ssl ipv6only=on; # managed by Certbot
listen 443 ssl; # managed by Certbot

Simply add http2 after 443 ssl on both lines. In the second example (Certbot), it should now like like this:

listen [::]:443 ssl http2 ipv6only=on; # managed by Certbot
listen 443 ssl http2; # managed by Certbot

Save the file and exit nano ( Ctrl + O , ⏎ Enter , Ctrl + X ), test the Nginx configuration and reload Nginx:
nginx -t
sudo service nginx reload

Test if HTTP/2 is active

To test if HTTP/2 has been successfully enabled, you for example use KeyCDN’s (free) online tool:
KeyCDN HTTP/2 Test Tool

By the way, HTTP/3 is coming soon: it is currently being implemented in Nginx 1.17 and making its way to Chrome, Firefox and Cloudflare.

3. Improve Nginx security

This part of the tutorial assumes you use Let’s Encrypt with Certbot.

3.1. Edit the Let’s Encrypt shared SSL settings (options-ssl-nginx.conf)

Open the Let’s Encrypt shared SSL settings file:
sudo nano /etc/letsencrypt/options-ssl-nginx.conf

Improve SSL session cache, disable SSL session tickets

SSL shared session cache is already active in the default Certbot configuration. Modify the SSL session cache to increase cache and reduce timeout:

ssl_session_cache shared:le_nginx_SSL:40m; # holds approx 40 x 4000 sessions
ssl_session_timeout 2h;
ssl_session_tickets off;

Use a stronger cipher suite

Replace the default cipher suite in the Let’s Encrypt shared SSL settings. Even the “Old” cipher suite in Mozilla’s SSL Configuration Generator is stronger than Let’s Encrypt default cipher list. Mozilla’s “Intermediate” list for TLS v1.2 could be a good choice:
ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;

3.2. Edit the server block configuration

Edit the server block configuration, for example:
sudo nano /etc/nginx/sites-available/default
OR
sudo nano /etc/nginx/sites-available/example.com

(Give up) OCSP stapling

Update! OCSP stapling seems to be useless:
SSL certificate revocation and how it is broken in practice

Mozilla’s Web Security Cheat Sheet doesn’t even mention OCSP stapling anymore:
Web Security Cheat Sheet

Websites like Twitter, Facebook and Google don’t use OCSP stapling (but Wikipedia does).

If you still want to use OCSP stapling, edit the server block configuration, for example:
sudo nano /etc/nginx/sites-available/example.com

Adapt and add the following lines:
# OCSP stapling
ssl_stapling on;
ssl_stapling_verify on;
ssl_trusted_certificate /etc/letsencrypt/live/example.com/chain.pem;

HTTP Strict Transport Security (HSTS)

Inside the server {} block, add the following lines:

# HSTS (63072000 seconds = 2 years)
add_header Strict-Transport-Security "max-age=63072000; includeSubdomains;" always;

or for one year:

# HSTS (31536000 seconds = 1 year)
add_header Strict-Transport-Security "max-age=31536000; includeSubdomains;" always;

Be careful with HSTS preloading!

“Be aware that once you set the STS header or submit your domains to the HSTS preload list, it is impossible to remove it. It’s a one‑way decision to make your domains available over HTTPS.” Read more at:

Activating HSTS preloading should be considered thoroughly. In this guide we chose not to use HSTS preloading.

X-Content-Type-Options and X-Frame-Options

Add the following lines to the server {} block:

add_header X-Frame-Options SAMEORIGIN;
add_header X-Content-Type-Options nosniff;
add_header X-XSS-Protection "1; mode=block";

Useful SSL resources:

 

Posted in Linux, Nginx, Wordpress.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.