Add the following to your SSL configuration section:
Note to insert this to all VirtualHost sections where SSL is enabled!
Check your config:
Then restart apache server:
To check if SSLv3 is turned off:
Then you shold see a message like this:
To disable SSLv3 within other services:
see this post
# Disable SSLv2 & SSLv3 against POODLE issue (CVE-2014-3566)
SSLProtocol All -SSLv2 -SSLv3
Note to insert this to all VirtualHost sections where SSL is enabled!
Check your config:
apachectl configtest
Then restart apache server:
sudo service apache2 restart
To check if SSLv3 is turned off:
openssl s_client -connect server.domain.tld:443 -ssl3
Then you shold see a message like this:
error:14094410:SSL routines:SSL3_READ_BYTES:sslv3 alert handshake failure:s3_pkt.c:1260:SSL alert number 40
To disable SSLv3 within other services:
see this post
add comment
( 2535 views )
| permalink
| related link
| ( 3 / 3511 )