What is this
We check which TLS protocol versions your server accepts. Modern is TLS 1.2 and 1.3. Older versions (SSLv3, TLS 1.0, TLS 1.1) have known vulnerabilities and must be off.
Why it matters
Outdated TLS versions enable attacks like BEAST, POODLE, and Lucky13. PCI-DSS has banned TLS 1.0 since 2018. A server still speaking 1.0 or 1.1 fails compliance checks.
How to fix it
TransIP: On Managed Hosting: file a ticket to disable TLS 1.0/1.1. On VPS: edit /etc/nginx/nginx.conf or /etc/apache2/mods-enabled/ssl.conf, set ssl_protocols TLSv1.2 TLSv1.3;.
CloudFlare: SSL/TLS > Edge Certificates > Minimum TLS Version to TLS 1.2. Enable TLS 1.3 and Opportunistic Encryption.
Strato or Antagonist: On shared hosting modern TLS is usually fine by default. On VPS configure it yourself in nginx/apache as above.
Other: Follow the Mozilla SSL Configuration Generator for your server (pick Intermediate or Modern). Restart the web server, test with SSL Labs.
Verify
SSL Labs shows supported/unsupported per protocol version. Or run nmap --script ssl-enum-ciphers -p 443 yourdomain.com.