16 October 2014
Google has announced that they have discovered a vulnerability in SSL v3, which has been named POODLE. This vulnerability in the SSLv3.0 protocol has been assigned CVE-2014-3566 by Red Hat. All implementations of SSLv3.0 are affected.
https://access.redhat.com/articles/1232123
Recommendations
As no patch has been released yet by Red Hat, the current recommendation is to use only TLSv1.1 and TLSv1.2. TLSv1.0 can be kept enabled for backwards compatibility. SSLv2 and SSLv3 should not be used, as they are considered insecure.
To disable SSLv2 and SSLv3 for Apache:
If you’re running Apache, include the following line in your configuration among the other SSL directives and restart Apache:
SSLProtocol All -SSLv2 -SSLv3
Steps to disable SSLv3 for cPanel:
1. Set WHM » Service Configuration » Apache Configuration » » Apache Configuration » SSL Cipher Suite
Set it to the 2nd option: “ALL:!ADH:RC4+RSA:+HIGH:+
Add the lines below under “Pre Main Include”:
====
SSLProtocol All -SSLv2 -SSLv3
SSLCipherSuite EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+
SSLHonorCipherOrder on
====
Restart Apache and test it.
Run the following command to determine whether SSLv3 is enabled or disabled on a server. If the handshake fails, SSLv3 is disabled; if the connection is established, SSLv3 is still enabled:
$ openssl s_client -connect localhost:443 -ssl3
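The SSLProtocol setting recommended on this page can also be checked statically, for example across included files and virtual hosts that may override the global line. The script below is an added example, not part of the original post: it evaluates each SSLProtocol line token by token, left to right, and reports lines that still permit SSLv3. The function names and the sample configuration are constructed for illustration, and "All" is assumed to include SSLv3, as the page's `All -SSLv2 -SSLv3` line implies.

```shell
#!/bin/sh
# Added example (hypothetical helper names): static audit of SSLProtocol lines.

# allows_sslv3 "ARGS": succeed if the SSLProtocol arguments leave SSLv3 enabled.
# Tokens apply left to right: a bare name replaces the set, +name adds to it,
# -name removes from it. Assumption: "all" includes SSLv3, as the page's
# "All -SSLv2 -SSLv3" line implies.
allows_sslv3() {
    v3=0
    for tok in $1; do
        case $(printf '%s' "$tok" | tr 'A-Z' 'a-z') in
            -sslv3|-all)           v3=0 ;;
            +sslv3|+all|sslv3|all) v3=1 ;;
            [+-]*)                 : ;;     # other protocol toggled, SSLv3 unchanged
            *)                     v3=0 ;;  # bare other protocol replaces the set
        esac
    done
    [ "$v3" -eq 1 ]
}

# audit_conf FILE: print each SSLProtocol line that still permits SSLv3.
# Returns 1 if any was found, 2 if the file sets no SSLProtocol at all (the
# server default then applies and needs checking separately), 0 otherwise.
audit_conf() {
    file=$1 seen=0 bad=0 n=0
    while IFS= read -r line || [ -n "$line" ]; do
        n=$((n + 1))
        set -f; set -- ${line%%#*}; set +f   # strip comment, split into words
        [ "$(printf '%s' "${1:-}" | tr 'A-Z' 'a-z')" = sslprotocol ] || continue
        seen=1; shift
        if allows_sslv3 "$*"; then
            bad=1; echo "$file:$n: SSLv3 still enabled: SSLProtocol $*"
        fi
    done < "$file"
    [ "$seen" -eq 1 ] || return 2
    return "$bad"
}

# Constructed sample: global setting as recommended, one vhost overriding it.
sample=$(mktemp)
cat > "$sample" <<'EOF'
SSLProtocol All -SSLv2 -SSLv3
<VirtualHost *:443>
    SSLProtocol All -SSLv2
</VirtualHost>
EOF
audit_conf "$sample" || echo "audit status: $?"
rm -f "$sample"
```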