Secure Your HTTPS / SSL / TLS
By David Xiao
If you own a personal site and like to make both your site and visitors secure, read this: Just because you’ve enabled HTTPS does not mean it’s sound and secure.
TLS v1.0 and v1.1 are known to be vulnerable and should not be allowed on your site. It is a security best practice to make TLS v1.2 the minimum version allowed on your site.
For more detail, check out this post on Google Security Blog and this post on Google Chrome Browser Updates.
Get a Test on your Site
You can use SSLLabs to conduct a quick test on your site.
Initial test results
Click on any of the server will give you a brief explaination on the findings.
See explaination here
I’m using Cloudflare as CDN for api.davidxiao.me, so I went on to the Cloudflare portal and updated the “Minimum TLS Version” to “TLS 1.2”.
Updating minimum TLS version to 1.2
Then performed a re-scan. It looks much better this time.
The new results
Hope this is helpful!