Difference between revisions of "Disable SSL 3.0 for POODLE Vulnerability"
From Hostek.com Wiki
(Created page with "===How to disable SSL 3.0 to protect against the POODLE Vulnerability on your VPS=== Recently, SSL 3.0 was exposed to a vulnerability known as POODLE which has made it no lon...") |
(→How to disable SSL 3.0 to protect against the POODLE Vulnerability on your VPS) |
||
(One intermediate revision by the same user not shown) | |||
Line 1: | Line 1: | ||
===How to disable SSL 3.0 to protect against the POODLE Vulnerability on your VPS=== | ===How to disable SSL 3.0 to protect against the POODLE Vulnerability on your VPS=== | ||
− | Recently, SSL 3.0 was exposed to a vulnerability known as POODLE which has made it no longer viable as a protocol. TLS 1. | + | Recently, SSL 3.0 was exposed to a vulnerability known as POODLE which has made it no longer viable as a protocol. TLS 1.1 and 1.2 are now used as they are more secure. Below, we have detailed steps on how to protect your VPS against this vulnerability by disabling SSL 3.0 |
− | + | ||
==Windows VPS== | ==Windows VPS== | ||
Line 10: | Line 9: | ||
#Login to RDP | #Login to RDP | ||
#Click Start---Run | #Click Start---Run | ||
− | #Type Regedit and hit enter | + | #Type: <code>Regedit</code> and hit enter |
#Expand HKEY_LOCAL_MACHINE | #Expand HKEY_LOCAL_MACHINE | ||
#Expand SYSTEM | #Expand SYSTEM | ||
Line 19: | Line 18: | ||
#Expand Protocols | #Expand Protocols | ||
#If there is a key here for SSL 3.0, expand it and right-click on server. Click Add Dword value and name it Enabled. Set it's decimal value to 0. Reboot. If there is not, proceed to next step | #If there is a key here for SSL 3.0, expand it and right-click on server. Click Add Dword value and name it Enabled. Set it's decimal value to 0. Reboot. If there is not, proceed to next step | ||
− | #Right click on Protocols and click Add Key. Name it SSL 3.0 | + | #Right click on Protocols and click Add Key. Name it: <code>SSL 3.0</code> |
− | #Right click on the newly created SSL 3.0 and Add Key. Name it Server | + | #Right click on the newly created SSL 3.0 and Add Key. Name it: <code>Server</code> |
− | #Right click on the newly created Server and click Add Dword. | + | #Right click on the newly created Server and click Add Dword. Name it: <code>Enabled</code>. Set it's decimal value to: <code>0</code>. |
#Reboot | #Reboot | ||
− | |||
==Cpanel VPS== | ==Cpanel VPS== |
Latest revision as of 22:00, 30 June 2015
How to disable SSL 3.0 to protect against the POODLE Vulnerability on your VPS
Recently, SSL 3.0 was exposed to a vulnerability known as POODLE which has made it no longer viable as a protocol. TLS 1.1 and 1.2 are now used as they are more secure. Below, we have detailed steps on how to protect your VPS against this vulnerability by disabling SSL 3.0
Windows VPS
Follow these steps to disable SSL 3.0 on your Windows VPS
- Login to RDP
- Click Start---Run
- Type:
Regedit
and hit enter - Expand HKEY_LOCAL_MACHINE
- Expand SYSTEM
- Expand CurrentControlSet
- Expand Control
- Expand SecurityProviders
- Expand SCHANNEL
- Expand Protocols
- If there is a key here for SSL 3.0, expand it and right-click on server. Click Add Dword value and name it Enabled. Set it's decimal value to 0. Reboot. If there is not, proceed to next step
- Right click on Protocols and click Add Key. Name it:
SSL 3.0
- Right click on the newly created SSL 3.0 and Add Key. Name it:
Server
- Right click on the newly created Server and click Add Dword. Name it:
Enabled
. Set it's decimal value to:0
. - Reboot
Cpanel VPS
Follow these steps to disable SSL 3.0 on your Linux VPS
- Login to WHM (x.x.x.x:2086 where x.x.x.x is server IP)
- Search Apache Configuration in the search bar and click on it
- Click on Include Editor
- Go to Pre-Main Include and select all versions
- Add the following to the text box:
SSLHonorCipherOrder On
SSLProtocol -All +TLSv1 - Click Update
- This will rebuild your Apache Configuration
- Once complete, click Restart Apache
Following these steps will protect you from the POODLE vulnerability.