by on March 23, 2020, in

Disable TLS 1.0 and 1.1 in Firefox Now!

Mozilla had planned to disable the insecure versions 1.0 and 1.1 of the TLS protocol in Firefox 74. Unfortunately, they reverted that planned change. This post explains how to disable insecure TLS versions yourself.

How to Disable TLS 1.0 and 1.1

The tl;dr version of this article:

  1. Open a new tab and navigate to about:config
  2. In the search box type security.tls.version.min
  3. Set the value to 3 and click the save icon

Why Did Mozilla Revert the Change?

The release notes for Firefox 74.0 state the following:

We reverted the change for an undetermined amount of time to better enable access to critical government sites sharing COVID19 information.

Government websites from the digital stone age. Yuck!

Explanation of the security.tls.version.min Setting

The only documentation of the security.tls.version.min setting seems to be on mozillaZine, apparently a non-HTTPS site:

0

The minimum required SSL/TLS version is SSL 3.0

1

The minimum required SSL/TLS version is TLS 1.0

2

The minimum required SSL/TLS version is TLS 1.1

3

The minimum required SSL/TLS version is TLS 1.2

4

The minimum required SSL/TLS version is TLS 1.3

How to Check Your Browser’s TLS Configuration

Head over to Qualys Labs. The topmost box of the report should look like this:

About the Author

Helge Klein (ex CTP, MVP and vExpert) worked as a consultant and developer before founding vast limits, the uberAgent company. Helge applied his extensive knowledge in IT infrastructure projects and architected the user profile management product whose successor is now available as Citrix Profile Management. Helge is the author of the popular tools Delprof2 and SetACL. He has presented at Citrix Synergy, BriForum, E2EVC, Splunk .conf and many other events. Helge is very active in the IT community and has co-founded Virtualization Community NRW (VCNRW).

Read more

Previous Article Switching from Chrome to Firefox