Remove insecure protocols from IIS
Default IIS HTTPS settings should get a good grade on https://www.ssllabs.com/
If legacy operating system support is needed, that should have to be enabled on a per-site basis.
10
votes
