2.3.1.11. Choosing TLS encryption protocol versions

TLS (transport layer security) - an encryption protocol that protects data transmitted over the network. It is used when connecting to a site via HTTPS and exists in several versions - from 1.0 to 1.3. Versions 1.2 and 1.3 are currently relevant. Versions 1.0 and 1.1 are outdated, but are still supported on hosting so that client sites are available to any visitors, including those using old devices, browsers and scripts that do not support TLS 1.2 or 1.3.

Supported TLS versions can be selected in site settings:

Option "Maximum compatibility (TLS 1.0-1.3)"- used by default. Ensures the site is accessible to all visitors, regardless of the devices and browsers they use.

Option "Most modern only (TLS 1.2-1.3)"- allows you to get the rating"A"In the test on the site SSL Labs... But at the same time, visitors with very old browsers and scripts that work on old OSs with OpenSSL 0.9.8 will not be able to access the site (according to our statistics, this is ≈1% of total requests, including both HTTP and HTTPS requests). Attention! To get the rating “A+»It is necessary that the site still give HSTS header valid for at least 1 week.