Abstract: This short how-to goes through the steps to disable TLS 1.0 (and therefore leave only TLS 1.1 and TLS 1.2 activated) on a Microsoft SharePoint Server.
This short document outlines some steps that can be performed on a SharePoint 2016 Server to improve its overall security (also known as hardening).
Abstract: By default, some weak ciphers and protocols for SSL communications are enabled on a Windows 2012 R2 OS that is used for a Microsoft SharePoint (2013/2016) environment. To improve the security of the OS and of all connections from and towards a Microsoft SharePoint environment, they should be disabled (this is also required to pass the PCI DSS validation).
Abstract: For security reasons you wish to configure Windows Remote Management (WinRM) on your Windows 2012 R2 OS to use an SSL certificate.
Abstract: By default, an IIS server (version 8.5 on Windows 2012 R2) running components from Microsoft SharePoint advertises "X-AspNet-Version: 2.0.50727" in the HTTP server response. This could be used by a "hacker" to find possibly vulnerable servers, so it might be a good idea to hide that information.