Disable SSL 3.0 for POODLE Vulnerability

From Hostek.com Wiki
Revision as of 13:39, 24 March 2015 by Seanc (Talk | contribs) (Windows VPS)

Jump to: navigation, search

How to disable SSL 3.0 to protect against the POODLE Vulnerability on your VPS

Recently, SSL 3.0 was exposed to a vulnerability known as POODLE which has made it no longer viable as a protocol. TLS 1.0 and 1.2 are now used as they are more secure. Below, we have detailed steps on how to protect your VPS against this vulnerability by disabling SSL 3.0


Windows VPS

Follow these steps to disable SSL 3.0 on your Windows VPS

  1. Login to RDP
  2. Click Start---Run
  3. Type: Regedit and hit enter
  4. Expand HKEY_LOCAL_MACHINE
  5. Expand SYSTEM
  6. Expand CurrentControlSet
  7. Expand Control
  8. Expand SecurityProviders
  9. Expand SCHANNEL
  10. Expand Protocols
  11. If there is a key here for SSL 3.0, expand it and right-click on server. Click Add Dword value and name it Enabled. Set it's decimal value to 0. Reboot. If there is not, proceed to next step
  12. Right click on Protocols and click Add Key. Name it: SSL 3.0
  13. Right click on the newly created SSL 3.0 and Add Key. Name it: Server
  14. Right click on the newly created Server and click Add Dword. Name it: Enabled. Set it's decimal value to: 0.
  15. Reboot

Cpanel VPS

Follow these steps to disable SSL 3.0 on your Linux VPS

  1. Login to WHM (x.x.x.x:2086 where x.x.x.x is server IP)
  2. Search Apache Configuration in the search bar and click on it
  3. Click on Include Editor
  4. Go to Pre-Main Include and select all versions
  5. Add the following to the text box:
    SSLHonorCipherOrder On
    SSLProtocol -All +TLSv1
  6. Click Update
  7. This will rebuild your Apache Configuration
  8. Once complete, click Restart Apache


Following these steps will protect you from the POODLE vulnerability.

Retrieved from "https://wiki.hostek.com/index.php?title=Disable_SSL_3.0_for_POODLE_Vulnerability&oldid=2442"