Google has announced that they have discovered a vulnerability in SSL v3 which has been named as POODLE. This vulnerability in the SSLv3.0 protocol, has been assigned CVE-2014-3566 by Redhat . All implementations of SSLv3.0 are affected.
As NO patch has been released yet by REDHAT current recommendations are to use only TLSv1.1 and TLSv1.2. Backwards compatibility can be done using TLSv1.0. It is not recommended to use SSLv2 and SSLv3 as they are considered insecure.
To disable SSLv2 and SSLv3 for apache :
If you’re running Apache, just include the following line in your configuration among the other SSL directives and restart apache:
SSLProtocol All -SSLv2 -SSLv3
Steps to disable SSLv3 For cPanel :
1. Set WHM » Service Configuration » Apache Configuration » » Apache Configuration » SSL Cipher Suite
Set it to 2nd option : “ALL:!ADH:RC4+RSA:+HIGH:+
restart apache and test apache
Run the following command to determine whether SSLv3 is enabled / disabled on a server:
$ openssl s_client -connect localhost:443 -ssl3