diff --git a/roles/web_server/defaults/main.yml b/roles/web_server/defaults/main.yml
index 88ca28d2bc354b97d9c4e2e322cf9f37fafb8ca4..d843b16c4dee4753301218ea70c4cbce7f51419b 100644
--- a/roles/web_server/defaults/main.yml
+++ b/roles/web_server/defaults/main.yml
@@ -5,3 +5,6 @@ default_https_tls_certificate: "{{ lookup('file', tls_certificate_dir + '/' + an
 default_https_tls_key: "{{ lookup('file', tls_private_key_dir + '/' + ansible_fqdn + '_https.key') }}"
 web_default_title: "Welcome"
 web_default_message: "You are attempting to access the web server using a wrong name or an IP address. Please check your URL."
+web_server_tls_protocols:
+  - "TLSv1.2"
+web_server_tls_ciphers: "DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:!aNULL:!MD5:!EXPORT"