Disable SSL 3.0 for POODLE Vulnerability
From Hostek.com Wiki
Revision as of 22:00, 30 June 2015 by Seanc
How to disable SSL 3.0 to protect against the POODLE Vulnerability on your VPS
Recently, SSL 3.0 was found to be affected by a vulnerability known as POODLE, which has made it no longer viable as a protocol. TLS 1.1 and 1.2 are now used instead, as they are more secure. The steps below show how to protect your VPS against this vulnerability by disabling SSL 3.0.
Windows VPS
Follow these steps to disable SSL 3.0 on your Windows VPS
- Log in to RDP
- Click Start, then Run
- Type Regedit and hit Enter
- Expand HKEY_LOCAL_MACHINE
- Expand SYSTEM
- Expand CurrentControlSet
- Expand Control
- Expand SecurityProviders
- Expand SCHANNEL
- Expand Protocols
- If there is a key here for SSL 3.0, expand it and right-click on Server. Click Add Dword value and name it Enabled. Set its decimal value to 0. Reboot. If there is not, proceed to the next step
- Right-click on Protocols and click Add Key. Name it SSL 3.0
- Right-click on the newly created SSL 3.0 and click Add Key. Name it Server
- Right-click on the newly created Server and click Add Dword. Name it Enabled. Set its decimal value to 0
- Reboot
cPanel VPS
Follow these steps to disable SSL 3.0 on your Linux VPS
- Log in to WHM (x.x.x.x:2086 where x.x.x.x is server IP)
- Search Apache Configuration in the search bar and click on it
- Click on Include Editor
- Go to Pre-Main Include and select all versions
- Add the following to the text box:
SSLHonorCipherOrder On
SSLProtocol -All +TLSv1
- Click Update
- This will rebuild your Apache Configuration
- Once complete, click Restart Apache
Following these steps will protect you from the POODLE vulnerability.