SSL v3 (POODLE) Vulnerability: Apache

Share It!

This vulnerability allows the plaintext of secure connections to be calculated by a network attacker.This vulnerability doesn’t affect SSL Certificates. There is no need to renew, reissue, or reinstall any certificates.

What is .htaccess?

htaccess introduction

Apache: Follow below steps to Disable the SSL v3 Protocol

Step 1: Find your SSL Protocol in your Configuration on Apache Server using below command

# grep -i -r "SSLProtocol" /etc/apache2
# grep -i -r "SSLProtocol" /etc/httpd

Step 2: Open the config file or Virtual Host for which you are disabling the SSL v3 protocol. Add or update the following lines in your configuration:

# SSLProtocol all -SSLv2 -SSLv3

Step 3: Restart apache service:

# service httpd restart
# service apache2 restart

Step 4: You have successfully disabled the SSLv3 protocol.

Hope this tutorial will help you to disable the SSLv3 Vulnerability.

Leave a Reply

Your email address will not be published.