From 53124ed9dc52e8aee60d9018ffb32c18f03c4daa Mon Sep 17 00:00:00 2001
From: Till Brehm <tbrehm@ispconfig.org>
Date: Thu, 16 Oct 2014 10:37:35 -0400
Subject: [PATCH] Implemented: FS#3706 - disable SSLv3 to protect servers agains POODLE attack.

---
 install/tpl/nginx_ispconfig.vhost.master |    1 +
 1 files changed, 1 insertions(+), 0 deletions(-)

diff --git a/install/tpl/nginx_ispconfig.vhost.master b/install/tpl/nginx_ispconfig.vhost.master
index 931bc61..70d6a53 100644
--- a/install/tpl/nginx_ispconfig.vhost.master
+++ b/install/tpl/nginx_ispconfig.vhost.master
@@ -1,6 +1,7 @@
 server {
         listen {vhost_port};
 		ssl {ssl_on};
+		{ssl_comment}ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
         {ssl_comment}ssl_certificate /usr/local/ispconfig/interface/ssl/ispserver.crt;
         {ssl_comment}ssl_certificate_key /usr/local/ispconfig/interface/ssl/ispserver.key;
 		

--
Gitblit v1.9.1