---
title: "TLS Hardening"
source: "https://docs.nexcess.com/hosting/security/tls-hardening/"
description: "Go beyond basic SSL. TLS hardening strengthens your server's encryption by disabling weak protocols and ciphers to protect against modern attacks."
vertical: "Hosting"
date: "2025-07-11"
last_modified: "2026-07-02"
---

# TLS Hardening

**TLS hardening** is the process of configuring a server’s TLS protocol to meet current security standards. This is accomplished by disabling obsolete protocol versions, like SSLv3 and early TLS, and selecting a specific set of strong cryptographic cipher suites.

This configuration is necessary because vulnerabilities in older protocols and ciphers are discovered over time. Without hardening, a server might negotiate a connection using a weak configuration, exposing encrypted traffic to attacks such as POODLE or BEAST. By specifying which protocols and ciphers are permitted, you ensure that connections to your server use strong encryption.

---

TLS Hardening Articles

1 result

Here are our resources to help you strengthen your server’s TLS configuration.

- ## [Managing TLS protocols and cipher suites on your server](https://docs.nexcess.com/hosting/security/tls-hardening/managing-tls-protocols-and-cipher-suites-on-your-server/)
    
    Learn how to configure TLS/SSL protocols and ciphers for Apache, FTP, and email on cPanel, Plesk, & InterWorx servers to enhance security and meet PCI compliance.
    
    
    
    [Read more: Managing TLS protocols and cipher suites on your server](https://docs.nexcess.com/hosting/security/tls-hardening/managing-tls-protocols-and-cipher-suites-on-your-server/)
