diff --git a/service/proxy.go b/service/proxy.go
index bf8f17f..06e81c5 100644
--- a/service/proxy.go
+++ b/service/proxy.go
@@ -307,6 +307,15 @@ func Start() {
 Addr: fmt.Sprintf(":%d", gatewayHttpsPort),
 TLSConfig: &tls.Config{
 MinVersion: tls.VersionTLS12,
+ CipherSuites: []uint16{
+ // Secure cipher suites for TLS 1.2 (excluding 3DES to prevent Sweet32 attack)
+ tls.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
+ tls.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
+ tls.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
+ tls.TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
+ tls.TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305,
+ tls.TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305,
+ },
 },
 }
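Review bot: The comment on the new `CipherSuites` list understates what the list does: besides 3DES it also drops every CBC-mode and RSA-key-exchange suite, so a TLS 1.2 client without ECDHE+AEAD support will now fail the handshake on the gateway HTTPS port. I would word it as `// TLS 1.2 allow-list: ECDHE + AEAD only (no 3DES/Sweet32, no CBC, no RSA key exchange); TLS 1.3 suites are not configurable in crypto/tls`. In crypto/tls this field has no effect on TLS 1.3 connections, and from Go 1.17 on the order of the entries is ignored, so the list acts purely as an allow-list. The hunk shows only this one `tls.Config` inside `Start`, whose body continues outside the hunk; if proxy.go builds other `tls.Config` values, they would presumably need the same list for the Sweet32 exposure to be closed on every listener.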