POODLE Attack: Difference between revisions

From NovaOrdis Knowledge Base
Jump to navigation Jump to search
No edit summary
No edit summary
Line 7: Line 7:
* https://community.qualys.com/blogs/securitylabs/2014/10/15/ssl-3-is-dead-killed-by-the-poodle-attack
* https://community.qualys.com/blogs/securitylabs/2014/10/15/ssl-3-is-dead-killed-by-the-poodle-attack
* https://scotthelme.co.uk/sslv3-goes-to-the-dogs-poodle-kills-off-protocol/
* https://scotthelme.co.uk/sslv3-goes-to-the-dogs-poodle-kills-off-protocol/
=Overview=


=Disable SSL3 on Apache httpd=
=Disable SSL3 on Apache httpd=

Revision as of 00:36, 7 January 2016

Internal

External

Overview

Disable SSL3 on Apache httpd

To disable SSLv3 on httpd modify the SSLProtocol directive at the top level in ssl.conf:

SSLProtocol All -SSLv2 -SSLv3

This will give you support for TLSv1.0, TLSv1.1 and TLSv1.2, but explicitly removes support for SSLv2 and SSLv3.