Revolving around the core of technology
POODLE Vulnerability Fixes (Disable SSLv3 and SSLv2)IntroductionPOODLE allows malicious attempts on a server's SSLv3 protocol via man in the middle attack. Anything web based that uses this protocol can be compromised.POODLE Fix For Apache And Nginx For Some Linux FlavorsNginx Web ServerEx: Ubuntu, add a global setting to /etc/nginx/nginx.conf in the http block, or to each block in /etc/nginx/sites-enabled. Do the following: sudo nano /etc/nginx/nginx.conf Set the ssl_protocols directive to: ssl_protocols TLSv1 TLSv1.1 TLSv1.2; Restart the server: sudo service nginx restart Apache Web ServerSSLProtocol directive in the mod_ssl module. Ubuntu: sudo nano /etc/apache2/mods-available/ssl.conf if SSL is enabled, modify this file: sudo nano /etc/httpd/conf.d/ssl.conf Edit or create the SSLProtocol directive and exclude SSLv3 SSLProtocol all -SSLv3 -SSLv2 Save and close the file. Restart the service to enable your changes. Restart the server: Ubuntu: sudo service apache2 restart CentOS: sudo service httpd restart
|