TLS 1.0 and 1.1 were officially deprecated in 2021 after known vulnerabilities (BEAST, POODLE) were found to be exploitable. Servers that still accept them are running encryption that the industry has formally abandoned.
What TLS version means for your business
TLS is the encryption protocol behind HTTPS. When someone connects to your website, the browser and server negotiate which TLS version to use. If your server offers TLS 1.0 or 1.1, that negotiation can result in a known-weak connection.
Modern browsers handle this themselves now — Chrome and Firefox have blocked TLS 1.0/1.1 since 2020. But automated scanners, API clients, and enterprise security assessment tools still detect what your server accepts.
What happens if you're running old TLS
- Enterprise procurement security questionnaires list TLS 1.2 minimum as a hard requirement — old versions fail supplier assessments
- Cyber insurance applications ask about TLS configuration; outdated versions increase premiums or trigger exclusions
- Automated vulnerability scanners flag it as a medium-to-high severity finding
- PCI DSS compliance (if you take card payments) has required TLS 1.2 minimum since 2018
What fixing it involves
For most businesses, this is a hosting control panel setting — not a code change. Cloudflare, most CDNs, and modern web hosts have a "minimum TLS version" setting. Set it to TLS 1.2 or higher and the old versions stop being offered.
If you manage your own server, the change is in your web server config (Apache, Nginx, IIS each have a one-line directive). Test after changing using an SSL Labs scan to confirm old versions are rejected.
What your domain scores right now
Run the free DomainScores check to see your current TLS grade alongside 34 other security checks — instant, no signup.
Don't want to do this yourself? Domain Fix from €1,197 — we update TLS configuration and fix every other failing check. Grade B+ guaranteed, or your money back.