How to Easily Disable Protocols on IIS Server
Estimated Reading Time: 1 Minutes|
Step# |
Task |
Screenshot |
|
1 |
Login to the webserver as an admin and go to: https://www.nartac.com/Products/IISCrypto
Run the tool on the webserver * – Nothing is installed
|
|
|
2 |
Deselect the protocols you want to disable. This tool creates the correct registry keys** and sets them appropriately. After selecting, schedule a restart. Settings are applied after restart
|
|
|
3 |
After the server restarts go to: https://www.cdn77.com/tls-test to verify settings. In addition, open the website and verify it is still working. |
|
Notes:
* The tool uses settings from the following Microsoft Document to make the changes: https://docs.microsoft.com/en-US/troubleshoot/windows-server/windows-security/restrict-cryptographic-algorithms-protocols-schannel
** To disable TLS 1.0 the following keys are created:
HKLM\System\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.0\Server
DisabledByDefault = REG_DWORD Hex 1
Enabled = REG_DWORD Hex 0