From 53124ed9dc52e8aee60d9018ffb32c18f03c4daa Mon Sep 17 00:00:00 2001
From: Till Brehm <tbrehm@ispconfig.org>
Date: Thu, 16 Oct 2014 10:37:35 -0400
Subject: [PATCH] Implemented: FS#3706 - disable SSLv3 to protect servers agains POODLE attack.

---
 server/conf/nginx_vhost.conf.master |    1 +
 1 files changed, 1 insertions(+), 0 deletions(-)

diff --git a/server/conf/nginx_vhost.conf.master b/server/conf/nginx_vhost.conf.master
index 6e3d853..cb9f628 100644
--- a/server/conf/nginx_vhost.conf.master
+++ b/server/conf/nginx_vhost.conf.master
@@ -6,6 +6,7 @@
 		
 <tmpl_if name='ssl_enabled'>
         listen <tmpl_var name='ip_address'>:443 ssl;
+		ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
 <tmpl_if name='ipv6_enabled'>
         listen [<tmpl_var name='ipv6_address'>]:443 ssl;
 </tmpl_if>

--
Gitblit v1.9.1