diff --git a/actions/admin/settings/131.ssl.php b/actions/admin/settings/131.ssl.php
index a9f3c091..520a0b59 100644
--- a/actions/admin/settings/131.ssl.php
+++ b/actions/admin/settings/131.ssl.php
@@ -54,6 +54,16 @@ return array(
 'default' => 'ECDH+AESGCM:ECDH+AES256:!aNULL:!MD5:!DSS:!DH:!AES128',
 'save_method' => 'storeSettingField'
 ),
+ 'system_tlsv13_cipher_list' => array(
+ 'label' => $lng['serversettings']['ssl']['tlsv13_cipher_list'],
+ 'settinggroup' => 'system',
+ 'varname' => 'tlsv13_cipher_list',
+ 'type' => 'string',
+ 'string_emptyallowed' => true,
+ 'default' => '',
+ 'visible' => \Froxlor\Settings::Get('system.webserver') == "apache2" && \Froxlor\Settings::Get('system.apache24') == 1,
+ 'save_method' => 'storeSettingField',
+ ),
 'system_ssl_cert_file' => array(
 'label' => $lng['serversettings']['ssl']['ssl_cert_file'],
 'settinggroup' => 'system',
diff --git a/install/froxlor.sql b/install/froxlor.sql
index c1ca6cf6..b150ab48 100644
--- a/install/froxlor.sql
+++ b/install/froxlor.sql
@@ -640,6 +640,7 @@ opcache.interned_strings_buffer'),
 ('system', 'nssextrausers', '0'),
 ('system', 'disable_le_selfcheck', '0'),
 ('system', 'ssl_protocols', 'TLSv1,TLSv1.2'),
+ ('system', 'tlsv13_cipher_list', ''),
 ('system', 'logfiles_format', ''),
 ('system', 'logfiles_type', '1'),
 ('system', 'logfiles_piped', '0'),
@@ -683,7 +684,7 @@ opcache.interned_strings_buffer'),
 ('panel', 'customer_hide_options', ''),
 ('panel', 'is_configured', '0'),
 ('panel', 'version', '0.10.0'),
- ('panel', 'db_version', '201909150');
+ ('panel', 'db_version', '201910030');
 DROP TABLE IF EXISTS `panel_tasks`;
diff --git a/install/updates/froxlor/0.10/update_0.10.inc.php b/install/updates/froxlor/0.10/update_0.10.inc.php
index 18d11225..a2469065 100644
--- a/install/updates/froxlor/0.10/update_0.10.inc.php
+++ b/install/updates/froxlor/0.10/update_0.10.inc.php
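Review bot: The new `system_tlsv13_cipher_list` field in 131.ssl.php is stored with no format check (`'type' => 'string'`, `'string_emptyallowed' => true`), and the Apache.php hunks of this commit append the stored value unchanged to the generated vhost configuration. A typo or stray character would therefore only surface when Apache next parses that configuration. TLSv1.3 suite names are upper-case letters, digits and underscores separated by colons, so if the settings form supports a pattern option (I believe `'string_regexp'`), adding `'string_regexp' => '/^[A-Z0-9_:]*$/',` would reject anything else at save time while still allowing the empty default. The enclosing `return array(` starts and ends outside the hunk.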
@@ -316,3 +316,12 @@ if (\Froxlor\Froxlor::isDatabaseVersion('201907270')) {
 if (\Froxlor\Froxlor::isFroxlorVersion('0.10.0-rc2')) {
 \Froxlor\Froxlor::updateToVersion('0.10.0');
 }
+
+if (\Froxlor\Froxlor::isDatabaseVersion('201909150')) {
+
+ showUpdateStep("Adding TLSv1.3-cipherlist setting");
+ Settings::AddNew("system.tlsv13_cipher_list", '');
+ lastStepStatus(0);
+
+ \Froxlor\Froxlor::updateToDbVersion('201910030');
+}
diff --git a/lib/Froxlor/Cron/Http/Apache.php b/lib/Froxlor/Cron/Http/Apache.php
index dec06991..1e13dc32 100644
--- a/lib/Froxlor/Cron/Http/Apache.php
+++ b/lib/Froxlor/Cron/Http/Apache.php
@@ -477,6 +477,10 @@ class Apache extends HttpConfigBase
 // this makes it more secure, thx to Marcel (08/2013)
 $this->virtualhosts_data[$vhosts_filename] .= ' SSLHonorCipherOrder On' . "\n";
 $this->virtualhosts_data[$vhosts_filename] .= ' SSLCipherSuite ' . Settings::Get('system.ssl_cipher_list') . "\n";
+ $protocols = array_map('trim', explode(",", Settings::Get('system.ssl_protocols')));
+ if (in_array("TLSv1.3", $protocols) && !empty(Settings::Get('system.tlsv13_cipher_list')) && Settings::Get('system.apache24') == 1) {
+ $this->virtualhosts_data[$vhosts_filename] .= ' SSLCipherSuite TLSv1.3 ' . Settings::Get('system.tlsv13_cipher_list') . "\n";
+ }
 $this->virtualhosts_data[$vhosts_filename] .= ' SSLVerifyDepth 10' . "\n";
 $this->virtualhosts_data[$vhosts_filename] .= ' SSLCertificateFile ' . \Froxlor\FileDir::makeCorrectFile($domain['ssl_cert_file']) . "\n";
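Review bot: The added `SSLCipherSuite TLSv1.3 …` line in Apache.php is emitted whenever `system.apache24` is 1, but as far as I know the protocol-qualified form of the directive is only accepted by Apache 2.4.36 or later built against OpenSSL 1.1.1; on an older 2.4 install a non-empty setting would presumably yield a vhost file that fails the config test, so the condition needs a finer version check or the setting's description should state the requirement. The value is also concatenated as-is, so normalise it before writing, e.g. `$tls13 = preg_replace('/\s+/', '', (string) Settings::Get('system.tlsv13_cipher_list'));`, and test `$tls13 !== ''` instead of `!empty(...)`, which keeps a stray line break in the stored value from turning into extra lines in the generated file. The identical block in the hunk at -973 has the same two issues, and both places could call one small helper. `in_array("TLSv1.3", $protocols, true)` would make the protocol match strict. Both enclosing methods begin and end outside the hunks.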
@@ -973,6 +977,10 @@ class Apache extends HttpConfigBase
 // this makes it more secure, thx to Marcel (08/2013)
 $vhost_content .= ' SSLHonorCipherOrder On' . "\n";
 $vhost_content .= ' SSLCipherSuite ' . Settings::Get('system.ssl_cipher_list') . "\n";
+ $protocols = array_map('trim', explode(",", Settings::Get('system.ssl_protocols')));
+ if (in_array("TLSv1.3", $protocols) && !empty(Settings::Get('system.tlsv13_cipher_list')) && Settings::Get('system.apache24') == 1) {
+ $vhost_content .= ' SSLCipherSuite TLSv1.3 ' . Settings::Get('system.tlsv13_cipher_list') . "\n";
+ }
 $vhost_content .= ' SSLVerifyDepth 10' . "\n";
 $vhost_content .= ' SSLCertificateFile ' . \Froxlor\FileDir::makeCorrectFile($domain['ssl_cert_file']) . "\n";
diff --git a/lib/Froxlor/Froxlor.php b/lib/Froxlor/Froxlor.php
index 28262162..6abe1274 100644
--- a/lib/Froxlor/Froxlor.php
+++ b/lib/Froxlor/Froxlor.php
@@ -10,7 +10,7 @@ final class Froxlor
 const VERSION = '0.10.0';
 // Database version (YYYYMMDDC where C is a daily counter)
- const DBVERSION = '201909150';
+ const DBVERSION = '201910030';
 // Distribution branding-tag (used for Debian etc.)
 const BRANDING = '';
diff --git a/lng/english.lng.php b/lng/english.lng.php
index 84c992e4..66c1debb 100644
--- a/lng/english.lng.php
+++ b/lng/english.lng.php
@@ -2066,3 +2066,6 @@ $lng['serversettings']['letsencryptecc']['title'] = "Issue ECC / ECDSA certifica
 $lng['serversettings']['letsencryptecc']['description'] = "If set to a valid key-size the certificate issued will use ECC / ECDSA";
 $lng['serversettings']['froxloraliases']['title'] = "Domain aliases for froxlor vhost";
 $lng['serversettings']['froxloraliases']['description'] = "Comma separated list of domains to add as server alias to the froxlor vhost";
+
+$lng['serversettings']['ssl']['tlsv13_cipher_list']['title'] = 'Configure explicit TLSv1.3 ciphers if used';
+$lng['serversettings']['ssl']['tlsv13_cipher_list']['description'] = 'This is a list of ciphers that you want (or don\'t want) to use when talking TLSv1.3. For a list of ciphers and how to include/exclude them, see the docs for TLSv1.3.

Default value is empty';
diff --git a/lng/german.lng.php b/lng/german.lng.php
index c88c43d6..0e012d30 100644
--- a/lng/german.lng.php
+++ b/lng/german.lng.php
@@ -1713,3 +1713,6 @@ $lng['serversettings']['letsencryptecc']['title'] = "ECC / ECDSA Zertifikate aus
 $lng['serversettings']['letsencryptecc']['description'] = "Wenn eine Schlüsselgröße ausgewählt wird, werden ECC / ECDSA Zertifikate erstellt";
 $lng['serversettings']['froxloraliases']['title'] = "Domain Aliase für Froxlor Vhost";
 $lng['serversettings']['froxloraliases']['description'] = "Komma getrennte Liste von Domains, welche als Server Alias zum Froxlor Vhost hinzugefügt werden";
+
+$lng['serversettings']['ssl']['tlsv13_cipher_list']['title'] = 'Explizite TLSv1.3 Ciphers, wenn genutzt';
+$lng['serversettings']['ssl']['tlsv13_cipher_list']['description'] = 'Dies ist eine Liste von Ciphers, die genutzt werden sollen (oder auch nicht genutzt werden sollen), wenn eine TLSv1.3 Verbindung hergestellt werden soll. Eine Liste aller Ciphers und wie diese hinzugefügt/ausgeschlossen werden ist der Dokumentation für TLSv1.3 zu entnehmen.

Standard-Wert ist leer';