Disable SSL 2 3 Apache Poodle AttackDisable SSL 2 3 Apache Poodle Attack

Anyone running an Apache Server on Ubuntu with SSL enabled should Disable SSL 2 & SSL 3 on Apache to stop Poodle Attack. So here’s a very quick and simple how to Disable SSL 2 3 Apache Poodle Attack.

In Apache 2.4.7 on Ubuntu 14.04 it is as simple as doing the following

sudo nano /etc/apache2/mods-available/ssl.conf

Edit the line that says

SSLProtocol all

and Change it to say

SSLProtocol all -SSLv2 -SSLv3

Then Reload your Apache config with

sudo service apache2 reload

That’s it …. go and test one of your https sites at Qualsys SSL Labs. If all is good you should see a very favorable result like the picture above.

Easy as that ….. sorry if you were hoping for something super complicated to do today !!!

Happy Nixing in the Nixing Bowl !!!

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.