Disable TLS cipher suites

Solution 1:

The Mozilla SSL Configuration Generator is a good choice to begin with if you wish to create a suitable TLS configuration for your web server. They offer three profiles: Modern, Intermediate and Old.

• Modern means you only allow TLS 1.3 clients, which is very secure, but support among browsers is limited.
• Intermediate also allows TLS 1.2, with a secure set of cipher suites. This is the recommended setting, unless you have good reasons to go with either of the other two.
• Old means that TLS 1.0 and some insecure cipher suites will be supported too. This setting should only be used if you absolutely must support support outdated clients like Windows XP.

For example, the intermediate configuration for Apache would look as follows:

# intermediate configuration
SSLProtocol             all -SSLv3 -TLSv1 -TLSv1.1
SSLCipherSuite          ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384

What this does is disable SSLv3, TLS 1.0 and TLS 1.1 (which only leaves TLS 1.2 and 1.3 enabled), then explicitly set a list of supported cipher suites.

As far as impact of user experience goes, the average user will not notice any difference. There is no performance impact, nor should the average user have any problem with connectivity. Users with obsolete clients (e.g. Windows XP or older) will likely not be able to connect to your service (without significant technical hurdles), but this is by design - obsolete clients are obsolete for a reason. Continued support of TLS 1.0 or even SSLv3, only so that a handful of users can still stay on Windows XP, will put all your users at risk.