I'm trying to disable TLS 1.0 + 1.1 in Apache, and weak ciphers. I did the following: sudo -s nano /etc/apache2/mods-available/ssl.conf [..] # List the enable protocol levels with which clients will be able to # connect. Disable SSLv2 access by default: # SSLProtocol all -SSLv2 -SSLv3 SSLProtocol all -SSLv2 -SSLv3 -TLSv1 -TLSv1.1 [..] and [..] # List the ciphers that the client is permitted to negotiate. # See the mod_ssl documentation for a complete list. # SSLCipherSuite HIGH:MEDIUM:!aNULL:!MD5:!SEED:!IDEA SSLCipherSuite HIGH:!aNULL:!MD5:!3DES [..] CTRL + Y service apache2 restart But that didn't work when testing on SSLLabs so I edited the vhost for the website I was testing by commenting SSLProtocol out in the vhost. Restarted apache, rerun the test, but still no change. I'm using ISPConfig so I looked it up on the forum and howtoforge, the only page I found was the "How to secure your ISPConfig 3 server against the poodle SSL attack" article which didn't help. Am I missing something?