SSL v3 (POODLE) Vulnerability: Nginx

Share It!

This vulnerability allows the plaintext of secure connections to be calculated by a network attacker. You may need to disable SSL v3 Protocol from Nginx WebServer. This vulnerability does not affect SSL Certificates. There is no need to renew, reissue, or reinstall any certificates.


Ngnix: Steps to Disable the SSL v3 Protocol

Step 1: Find your SSL Protocol Configuration on Nginx Server using below command

# grep -r ssl_protocol /etc/nginx

Step 2: Open the config file or Virtual Host for which you are disabling the SSL v3 protocol. Add or update the following lines in your configuration:

# ssl_protocols TLSv1.2 TLSv1.1 TLSv1;

Step 3: Restart apache service:

# service ngnix restart

Step 4: You have successfully disabled the SSLv3 protocol.

Leave a Reply

Your email address will not be published.