For better server security (especially regarding public facing servers), certain security protocols and ciphers should be disabled.
Using a tool called "IIS Crypto 3.2" by Nartac, these protocols can be easily disabled instead of having to manually edit the Registry Keys.
- Download IIS Crypto 3.2 (https://www.nartac.com/Products/IISCrypto/Download)
- Run this on the server you wish to lock down
- Select the best practices button
- Ensure that TLS 1.0 and TLS 1.1 is also disabled | hit apply
- The server will need to be rebooted before the settings take effect
