SSLv3 POODLE vulnerability

If you are using the shared Elastx SSL certificate then your are all set, SSLv3 is already disabled.
If you are using your own certificate then you want to make sure you have disabled SSLv3.

 

Nginx load balancer and php:

Edit the file /conf.d/ssl.conf and find the line with ssl_protocols and make sure you remove SSLv2 och SSLv3. Then restart Nginx.

ssl_protocols  SSLv2 SSLv3 TLSv1;

 

Apache

Edit the file /conf.d/ssl.conf and find the line with SSLProtocol and make sure you remove add a "-" in front of SSLv3. Then restart Apache.

SSLProtocol -ALL -SSLv3 +TLSv1 

 

 

 

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request

Comments

0 comments

Article is closed for comments.