POODLE Attack

From NovaOrdis Knowledge Base
Revision as of 00:36, 7 January 2016 by Ovidiu (talk | contribs)
Jump to navigation Jump to search

Internal

External

Overview

Disable SSL3 on Apache httpd

To disable SSLv3 on httpd modify the SSLProtocol directive at the top level in ssl.conf:

SSLProtocol All -SSLv2 -SSLv3

This will give you support for TLSv1.0, TLSv1.1 and TLSv1.2, but explicitly removes support for SSLv2 and SSLv3.