From 53124ed9dc52e8aee60d9018ffb32c18f03c4daa Mon Sep 17 00:00:00 2001 From: Till Brehm <tbrehm@ispconfig.org> Date: Thu, 16 Oct 2014 10:37:35 -0400 Subject: [PATCH] Implemented: FS#3706 - disable SSLv3 to protect servers agains POODLE attack. --- install/tpl/nginx_ispconfig.vhost.master | 1 + 1 files changed, 1 insertions(+), 0 deletions(-) diff --git a/install/tpl/nginx_ispconfig.vhost.master b/install/tpl/nginx_ispconfig.vhost.master index 931bc61..70d6a53 100644 --- a/install/tpl/nginx_ispconfig.vhost.master +++ b/install/tpl/nginx_ispconfig.vhost.master @@ -1,6 +1,7 @@ server { listen {vhost_port}; ssl {ssl_on}; + {ssl_comment}ssl_protocols TLSv1 TLSv1.1 TLSv1.2; {ssl_comment}ssl_certificate /usr/local/ispconfig/interface/ssl/ispserver.crt; {ssl_comment}ssl_certificate_key /usr/local/ispconfig/interface/ssl/ispserver.key; -- Gitblit v1.9.1