Secure Your HTTPS / SSL / TLS
If you own a personal site and like to make both your site and visitors secure, read this: Just because you’ve enabled HTTPS does not mean it’s sound and secure.
TLS v1.0 and v1.1 are known to be vulnerable and should not be allowed on your site. It is a security best practice to make TLS v1.2 the minimum version allowed on your site.
Get a Test on your Site
You can use SSLLabs to conduct a quick test on your site.
Click on any of the server will give you a brief explaination on the findings.
I’m using Cloudflare as CDN for api.davidxiao.me, so I went on to the Cloudflare portal and updated the “Minimum TLS Version” to “TLS 1.2”.
Then performed a re-scan. It looks much better this time.
Hope this is helpful!