Update TLS versions
In some circumstances - specifically when an application allows client-initiated SSL/TLS renegotiation - previous versions of SSL/TLS can be more vulnerable to DDoS attacks.
When you use an SSL/TLS certificate issued by Cloudflare1, you can reduce the impact of this vulnerability by:
- Updating the Minimum TLS Version accepted by your application.
- Allowing TLS 1.3.
For more details on this vulnerability, refer to Secure Server- and Client-Initiated SSL Renegotiation ↗.
Was this helpful?
- Resources
- API
- New to Cloudflare?
- Products
- Sponsorships
- Open Source
- Support
- Help Center
- System Status
- Compliance
- GDPR
- Company
- cloudflare.com
- Our team
- Careers
- 2025 Cloudflare, Inc.
- Privacy Policy
- Terms of Use
- Report Security Issues
- Trademark