Written by Steve Perry
Published on

What are the perfect SSL settings?

Setting up a secure site isn’t just about adding an SSL certificate. It’s about securing your web server, keeping system software up-to-date, turning off server options that you don’t need, having a professional website built by a company who understands security and a lot of other considerations but you can go a long way with a good SSL as long as you don’t just install it and think you are done.

When you install an SSL certificate you need to decide on how tightly secured you want your website to be. This is a balance between supporting older devices / browsers and being too flexible that you are open to attacks. Here are two tools that will help you achieve a good balance:

A good starting point for adding the right Cipher Suites and settings to your server config is Cipherli.st – Strong Ciphers for Apache, nginx and Lighttpd.

Then you can test those settings using the Qualys SSL Labs SSL testing tool to make sure you are protected against the latest vulnerabilities as well as supporting the correct devices and web browsers.

Steve Perry Creative Ltd

Studio and registered office: 4 Back Lane, Brown Edge, Staffordshire ST6 8QS.

Copyright © 2012 – 2023 Steve Perry Creative Ltd., unless otherwise noted.

Registered in England & Wales, number 08354632.


Typeset in Söhne Kräftig and Söhne Buch, by Klim Type Co.

Set as 32/64, 24/32, 20/32, and 12/16 on an 8px/96px grid.

Colour palette selected for AAA contrast.