Run the following script as administrator:
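#Requires -RunAsAdministrator
# Hardens Schannel and RDP on the local machine:
#   1. Disables TLS 1.0 and TLS 1.1 for both the Client and Server roles.
#   2. Sets the RDP-Tcp listener to the TLS security layer with High encryption.
# Every write targets HKLM, so the session must be elevated; the #Requires line
# above makes a non-elevated run fail up front instead of half-applying.
#
# NOTE(review): before applying, confirm that every RDP client and every
# service this host connects to can negotiate TLS 1.2 or later. The Client
# subkey affects outbound connections too, and applying this over a remote
# session with no shared protocol left can lock you out after the reboot.

$protocols = @("TLS 1.0", "TLS 1.1")
$baseKey = "HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols"

foreach ($protocol in $protocols) {
    foreach ($subKey in @("Client", "Server")) {
        $fullPath = Join-Path -Path "$baseKey\$protocol" -ChildPath $subKey

        # Create the key if it doesn't exist; -Force also creates missing parents.
        if (-not (Test-Path -Path $fullPath)) {
            New-Item -Path $fullPath -Force | Out-Null
        }

        # Enabled=0 turns the protocol off; DisabledByDefault=1 keeps it from
        # being offered unless an application asks for it explicitly.
        New-ItemProperty -Path $fullPath -Name "Enabled" -PropertyType DWORD -Value 0 -Force | Out-Null
        New-ItemProperty -Path $fullPath -Name "DisabledByDefault" -PropertyType DWORD -Value 1 -Force | Out-Null
    }
}

Write-Host "✅ TLS 1.0 and 1.1 disabled."

# Ensure RDP uses the TLS security layer.
$rdpTcpKey = "HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp"

# SecurityLayer: the documented values for this registry setting are
# 0 (RDP security layer), 1 (Negotiate) and 2 (SSL/TLS). The earlier value 3
# is not one of them, so 2 is written to match the message printed below.
Set-ItemProperty -Path $rdpTcpKey -Name "SecurityLayer" -Value 2 -Type DWord

# MinEncryptionLevel: 1 = Low, 2 = Client Compatible, 3 = High, 4 = FIPS.
Set-ItemProperty -Path $rdpTcpKey -Name "MinEncryptionLevel" -Value 3 -Type DWord

Write-Host "✅ RDP Security Layer set to TLS and Encryption Level to High."

# Tell the operator a reboot is needed; nothing is restarted automatically.
Write-Host "`n⚠ A system restart is required for changes to take effect."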
This will result in the following under
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols:
the Client and Server subkeys for TLS v1.0 and TLS v1.1 are set to disabled.