From 53124ed9dc52e8aee60d9018ffb32c18f03c4daa Mon Sep 17 00:00:00 2001 From: Till Brehm <tbrehm@ispconfig.org> Date: Thu, 16 Oct 2014 10:37:35 -0400 Subject: [PATCH] Implemented: FS#3706 - disable SSLv3 to protect servers agains POODLE attack. --- server/conf/nginx_vhost.conf.master | 1 + 1 files changed, 1 insertions(+), 0 deletions(-) diff --git a/server/conf/nginx_vhost.conf.master b/server/conf/nginx_vhost.conf.master index 6e3d853..cb9f628 100644 --- a/server/conf/nginx_vhost.conf.master +++ b/server/conf/nginx_vhost.conf.master @@ -6,6 +6,7 @@ <tmpl_if name='ssl_enabled'> listen <tmpl_var name='ip_address'>:443 ssl; + ssl_protocols TLSv1 TLSv1.1 TLSv1.2; <tmpl_if name='ipv6_enabled'> listen [<tmpl_var name='ipv6_address'>]:443 ssl; </tmpl_if> -- Gitblit v1.9.1