Cipher order, and killing TLS v1.1 & v1.0

So, this is me again, being too much used to Cloudflare, and learning how things are done in config files and custom admin consoles.
As I have mentioned before, I’m using Hardenize and to check the security settings of my domain, and I’ve found that according to the latter, that “Cipher order” is marked red, as in problematic, and “TLS version” is marked yellow, as something that should be taken into consideration.

Is there a way to set these in the .htaccess file, or is that a futile option?

These settings are global and managed by our team, you can’t modify these.
The issues reported by your testing suite are about support of phased out TLS versions and the fact we don’t force a cipher suite order.
For TLS versions support we chose to phase out TLS1.0 and TLS1.1 late to ensure a broader support, we will remove support for it later when we consider it will not harm sites accessibility or if its use become a practical security threat.
From a security point of view we limit those protocols to only use cipher suites with no known practical vulnerabilities.
For the cipher order error, forcing a cipher suite order disallow devices to chose the best algorithm from their point of view (e.g a mobile device without AES hardware acceleration will prefer ChaCha based ciphers where a device with AES hardware acceleration will chose an AES based cipher), here again, as we ensure we are not using vulnerable cipher suites there is no risk in not forcing the order of ciphers (the weakest cipher suite being TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA that has still no practical attacks against current implementations).