• Solution. Support. Expertise
  • +43 664 635 1238
  • +1 647-947-4502
  • info@tdwebservices.com
POODLE: SSLv3.0 vulnerability (CVE-2014-3566)POODLE: SSLv3.0 vulnerability (CVE-2014-3566)POODLE: SSLv3.0 vulnerability (CVE-2014-3566)POODLE: SSLv3.0 vulnerability (CVE-2014-3566)
  • Hosting
    • Hosting
      • Business Hosting
      • Enterprise Hosting
      • TDWS VPS
      • Managed WordPress Hosting
      • Highly Optimized WordPress Hosting
      • Laravel Hosting
      • Odoo Hosting
      • Moodle Hosting
      • TDWS Reseller Plans
    • E-Commerce Solutions
      • Managed WooCommerce Hosting
      • Highly Optimized WooCommerce Hosting
      • Magento Hosting
      • PrestaShop Hosting
      • OpenCart Hosting
    • Dedicated Servers
      • Gaming Servers
    • TDWS Global Monitoring System
      • Server Monitoring
      • Network Monitoring
      • Application Monitoring
      • Database Monitoring
      • Cloud Monitoring
      • Container Monitoring
      • Storage Monitoring
  • Cloud
    • TDWS Cloud
      • TDWS Cloud Servers
      • TDWS CloudSites
      • TDWS Box Cloud
      • TDWS Virtual Private Cloud
      • TDWS Cloud Drive
    • TDWS Private Cloud
      • KVM Hypervisor Private Cloud
      • Xen Hypervisor Private Cloud
      • Microsoft Hyper-V Private Cloud
      • VMware ESXi Private Cloud
      • VMware Public Cloud Servers
    • Services
      • DB as a Service
      • Disaster Recovery as a Service
    • Other
      • TDWS Cloud Infrastructure
      • TDWS Hybrid Cloud
  • Insights
    • Small Business
    • Knowledge Base
    • Cloud Computing
    • Expert Opinion
    • Industry debates
    • Thought Leadership
  • About Us
    • Why Us
    • Data Centers
    • Affiliate
    • TDWS Channel Partners
    • Contact Us
    • TDWS Customer Reviews
    • TDWS Video
    • Legal
      • TD Web Services Acceptable Use Policy (“AUP”)
      • TDAG DMCA Notice Policy
      • TDAG Privacy Policy
      • Master Service Agreement
      • Service Level Agreement
Login
✕
The Importance of the Cloud for E-Commerce
15 October 2014
Facts Everyone Should Know About Cloud Computing
16 October 2014

POODLE: SSLv3.0 vulnerability (CVE-2014-3566)

Published by TDWS Technical Support on 15 October 2014
Categories
  • Knowledge Base
Tags
  • security
  • SSLv3

Google has announced that they have discovered a vulnerability in SSL v3 which has been named as POODLE. This vulnerability in the SSLv3.0 protocol, has been assigned CVE-2014-3566 by Redhat . All implementations of SSLv3.0 are affected.

https://access.redhat.com/articles/1232123

Recommendations

As NO patch has been released yet by REDHAT current recommendations are to use only TLSv1.1 and TLSv1.2. Backwards compatibility can be done using TLSv1.0. It is not recommended to use SSLv2 and SSLv3 as they are considered insecure.

To disable SSLv2 and SSLv3 for apache :

If you’re running Apache, just include the following line in your configuration among the other SSL directives and restart apache:

SSLProtocol All -SSLv2 -SSLv3

Steps to disable SSLv3 For cPanel :

1. Set WHM » Service Configuration » Apache Configuration » » Apache Configuration » SSL Cipher Suite

Set it to 2nd option : “ALL:!ADH:RC4+RSA:+HIGH:+

MEDIUM:-LOW:-SSLv2:-EXP:!kEDH PCI recommended”2. WHM » Service Configuration » Apache Configuration » Include Editor » Pre Main Include
add below under “Pre Main Include”
====
SSLProtocol All -SSLv2 -SSLv3
SSLCipherSuite EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+
SSLHonorCipherOrder on
====

restart apache and test apache

Run the following command to determine whether SSLv3 is enabled / disabled on a server:

$ openssl s_client -connect localhost:443 -ssl3
Share
0
TDWS Technical Support
TDWS Technical Support

Related posts

15 June 2021

Why Upgrade Your Site to PHP 7.x


Read more
27 May 2021

Common Causes Why is WordPress Slow


Read more
27 May 2019

WordPress Acceleration using NginX Reverse Proxy & Caching


Read more
12 March 2019

How to Switch Your Domain Name Without Damaging Your Site’s SEO


Read more
10 March 2019

How to Use the cPanel/WHM Transfer Accounts Tool


Read more
6 June 2018

How to Change WordPress password using phpMyAdmin or MySQL


Read more
13 April 2018

How to Transfer WordPress Site to a New Domain


Read more
1 February 2017

The ABCD of Cloud Computing


Read more

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Our Services

  • Business Hosting
  • TDWS VPS
  • Dedicated Servers
  • E-Commerce Solutions
  • Enterprise Hosting
  • Managed WordPress Hosting
  • Highly Optimized WordPress Hosting
  • SSL Certificates

TDWS Cloud

  • TDWS Cloud Servers
  • TDWS CloudSites
  • VMware Public Cloud Servers
  • VMware ESXi Private Cloud
  • Microsoft Hyper-V Private Cloud
  • TDWS Virtual Private Cloud
  • Hybrid Cloud
  • Cloud Infrastructure

Recent Posts

  • The Power of Plus Addressing
  • Why an LMS is Essential for Selling Courses Online
  • CentOS Stream vs AlmaLinux: Which Distribution is Right for You?
  • De-Risk Your IT Strategy with TDWS High-Performance Cloud
  • Speeding Up Success: How Power Day Sale Improved Website Performance and Increased Conversions

About Us

  • About Us
  • Why Us
  • Affiliate
  • Contact Us
  • Data Centers
© 2021 TD Web Services. All Rights Reserved.