Drop support for weak cipher suites
The Qualys SSL Server Test shows that haveibeenpwned.com supports weak cipher suites for TLS 1.2. Please drop support for these to make haveibeenpwned.com even more secure.
TLS termination is done at Cloudflare and this is not a configurable attribute. It poses a minor risk hence the A+ SSL Labs rating HIBP receives.
No, low priority for me right now.
Kenneth Barber commented
Troy, have you ever talked to Cloudflare about making it configurable or making a sweeping change for everyone?