SSL/TLS Weak Cipher Suites Supported

Hi Community and Support Team!

This is not focused on Kirby code, but I would like to know if anyone has had to configure these parameters on their server and whether the Kirby project has been affected.

As I understand it, these are settings that are to be enabled only for the following cipher suites:

  • TLSv1.3
  • TLSv1.2

Thank you very much.

Regards!

What is your question here?

Hi @Adspectus

My question is whether disabling the following parameters for TLS will affect my project in Kirby CMS.

TLS1.2, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, ECDHE-RSA-AES128-SHA256, AES,x25519, 256
TLS1.2, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, ECDHE-RSA-AES256-SHA, AES,x25519, 256
TLS1.2, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, ECDHE-RSA-AES128-SHA, AES,x25519, 256
TLS1.2, TLS_RSA_WITH_AES_256_GCM_SHA384, AES256-GCM-SHA384, AESGCM,RSA, 2048
TLS1.2, TLS_RSA_WITH_AES_256_CCM, AES256-CCM, AESCCM,RSA, 2048
TLS1.2, TLS_RSA_WITH_AES_128_GCM_SHA256, AES128-GCM-SHA256, AESGCM,RSA, 2048
TLS1.2, TLS_RSA_WITH_AES_128_CCM, AES128-CCM, AESCCM,RSA, 2048
TLS1.2, TLS_RSA_WITH_AES_256_CBC_SHA256, AES256-SHA256, AES,RSA, 2048
TLS1.2, TLS_RSA_WITH_AES_128_CBC_SHA256, AES128-SHA256, AES,RSA, 2048
TLS1.2, TLS_RSA_WITH_AES_256_CBC_SHA, AES256-SHA, AES,RSA, 2048
TLS1.2, TLS_RSA_WITH_AES_128_CBC_SHA, AES128-SHA, AES,RSA, 2048
TLS1.2, TLS_DHE_RSA_WITH_AES_256_CBC_SHA256, DHE-RSA-AES256-SHA256, AES,DHE_RSA, 2048
TLS1.2, TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, DHE-RSA-AES128-SHA256, AES,DHE_RSA, 2048
TLS1.2, TLS_DHE_RSA_WITH_AES_256_CBC_SHA, DHE-RSA-AES256-SHA, AES,DHE_RSA, 2048
TLS1.2, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, DHE-RSA-AES128-SHA, AES,DHE_RSA, 2048

Thank you very much.

Regards!

Kirby CMS is not affected by specific SSL protocols or cipher suites. Using specific protocol versions or cipher suites is a matter between the web server and the browser. The web application behind it (usually) does not care. You can even run Kirby without using SSL.

Hence, if you are disabling the TLS1.2 protocol completely or certain cipher suites on your web server, a client (browser) which cannot provide TLS1.3 or other ciphers is not able to make a connection to your web server, regardless of whether you are running Kirby, any other CMS or a static HTML page.
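As an added example (not part of the original thread and not Kirby code), the following script parses rows in the format of the scan listing from the question and reports why each TLS 1.2 suite is typically flagged, which helps when deciding what to disable in the web server configuration. The column order and the function names are assumptions made for this example.

```python
# Constructed sample: five rows copied from the listing in the question above.
# Assumed column order: protocol, IANA name, OpenSSL name, cipher, key exchange, bits.
SCAN_ROWS = """\
TLS1.2, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, ECDHE-RSA-AES128-SHA256, AES,x25519, 256
TLS1.2, TLS_RSA_WITH_AES_256_GCM_SHA384, AES256-GCM-SHA384, AESGCM,RSA, 2048
TLS1.2, TLS_RSA_WITH_AES_128_CCM, AES128-CCM, AESCCM,RSA, 2048
TLS1.2, TLS_RSA_WITH_AES_256_CBC_SHA, AES256-SHA, AES,RSA, 2048
TLS1.2, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, DHE-RSA-AES128-SHA, AES,DHE_RSA, 2048
"""

def parse_rows(text):
    """Yield (protocol, iana_name, openssl_name) for each usable scan row."""
    for line in text.splitlines():
        fields = [f.strip() for f in line.split(",")]
        if len(fields) < 3 or not fields[1].startswith("TLS_"):
            continue  # skip blank or malformed rows instead of guessing
        yield fields[0], fields[1], fields[2]

def weaknesses(iana_name):
    """Return the reasons a TLS 1.2 suite is flagged; an empty list means none found."""
    key_exchange, _, cipher = iana_name[len("TLS_"):].partition("_WITH_")
    reasons = []
    if key_exchange == "RSA":
        # TLS_RSA_* suites encrypt the premaster secret to the server's RSA key.
        reasons.append("static RSA key exchange, no forward secrecy")
    if "_CBC_" in cipher:
        # CBC suites in TLS 1.2 use MAC-then-encrypt rather than an AEAD mode.
        reasons.append("CBC mode instead of an AEAD mode")
    return reasons

def flagged(text):
    """Map OpenSSL suite name -> reasons, for rows with at least one reason."""
    result = {}
    for _protocol, iana, openssl_name in parse_rows(text):
        reasons = weaknesses(iana)
        if reasons:
            result[openssl_name] = reasons
    return result

if __name__ == "__main__":
    for name, reasons in flagged(SCAN_ROWS).items():
        print(f"{name:26} {'; '.join(reasons)}")
```

A suite such as TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (ephemeral key exchange with an AEAD cipher) returns no reasons, so it would stay enabled for TLS 1.2 clients.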

Hi @Adspectus

Thank you very much for the answer and help.

Regards!