diff --git a/data/hooks/conf_regen/03-ssh b/data/hooks/conf_regen/03-ssh
index dbf9d69e3..0b58a461c 100755
--- a/data/hooks/conf_regen/03-ssh
+++ b/data/hooks/conf_regen/03-ssh
@@ -24,8 +24,8 @@ do_pre_regen() {
     fi
 
     # Support different strategy for security configurations
-    if [[ -n "$(yunohost settings get 'service.ssh.ciphers.compatibility')" ]]; then
-        ssh_ciphers_compatibility="$(yunohost settings get 'service.ssh.ciphers.compatibility')"
+    if [[ -n "$(yunohost settings get 'service.ssh.compatibility')" ]]; then
+        ssh_ciphers_compatibility="$(yunohost settings get 'service.ssh.compatibility')"
     fi
 
     export ssh_keys
diff --git a/data/hooks/conf_regen/15-nginx b/data/hooks/conf_regen/15-nginx
index 9a7579eeb..57446c081 100755
--- a/data/hooks/conf_regen/15-nginx
+++ b/data/hooks/conf_regen/15-nginx
@@ -37,8 +37,8 @@ do_pre_regen() {
   domain_list=$(sudo yunohost domain list --output-as plain --quiet)
 
   # Support different strategy for security configurations
-  if [[ -n "$(yunohost settings get 'security.ciphers.compatibility')" ]]; then
-      security_ciphers_compatibility="$(yunohost settings get 'security.ciphers.compatibility')"
+  if [[ -n "$(yunohost settings get 'security.nginx.compatibility')" ]]; then
+      security_ciphers_compatibility="$(yunohost settings get 'security.nginx.compatibility')"
   fi
 
   export security_ciphers_compatibility
diff --git a/src/yunohost/settings.py b/src/yunohost/settings.py
index 916e8b8c3..6277c8283 100644
--- a/src/yunohost/settings.py
+++ b/src/yunohost/settings.py
@@ -40,9 +40,9 @@ DEFAULTS = OrderedDict([
     ("security.password.admin.strength", {"type": "int", "default": 1}),
     ("security.password.user.strength", {"type": "int", "default": 1}),
     ("service.ssh.allow_deprecated_dsa_hostkey", {"type": "bool", "default": False}),
-    ("service.ssh.ciphers.compatibility", {"type": "enum", "default": "modern",
+    ("security.ssh.compatibility", {"type": "enum", "default": "modern",
         "choices": ["intermediate", "modern"]}),
-    ("security.ciphers.compatibility", {"type": "enum", "default": "intermediate",
+    ("security.nginx.compatibility", {"type": "enum", "default": "intermediate",
         "choices": ["intermediate", "modern"]}),
 ])
 
@@ -283,12 +283,12 @@ def trigger_post_change_hook(setting_name, old_value, new_value):
 #
 # ===========================================
 
-@post_change_hook("security.ciphers.compatibility")
+@post_change_hook("security.nginx.compatibility")
 def reconfigure_nginx(setting_name, old_value, new_value):
     if old_value != new_value:
         service_regen_conf(names=['nginx'])
 
-@post_change_hook("service.ssh.ciphers.compatibility")
+@post_change_hook("security.ssh.compatibility")
 def reconfigure_ssh(setting_name, old_value, new_value):
     if old_value != new_value:
         service_regen_conf(names=['ssh'])