[jlgaddis]

If you use the Mozilla SSL Configuration Generator [0], you can select "Modern", "Intermediate", or "Old", and end up with a cut-and-paste configuration snippet that'll best suit your specific needs.

[0]: https://mozilla.github.io/server-side-tls/ssl-config-generat...

[blowski]

That's really useful, thank you.

But my question still stands - why do nginx and Apache not provide the same settings as a configuration option?

[stouset]

Because what is implied by those terms changes over time, and minor changes can have major impacts on accessibility by older clients.