From 53124ed9dc52e8aee60d9018ffb32c18f03c4daa Mon Sep 17 00:00:00 2001 From: Till Brehm <tbrehm@ispconfig.org> Date: Thu, 16 Oct 2014 10:37:35 -0400 Subject: [PATCH] Implemented: FS#3706 - disable SSLv3 to protect servers agains POODLE attack. --- server/conf/vhost.conf.master | 3 ++- 1 files changed, 2 insertions(+), 1 deletions(-) diff --git a/server/conf/vhost.conf.master b/server/conf/vhost.conf.master index 16e0d12..23cec47 100644 --- a/server/conf/vhost.conf.master +++ b/server/conf/vhost.conf.master @@ -47,7 +47,8 @@ <IfModule mod_ssl.c> <tmpl_if name='ssl_enabled'> - SSLEngine on + SSLEngine on + SSLProtocol All -SSLv2 -SSLv3 SSLCertificateFile <tmpl_var name='document_root'>/ssl/<tmpl_var name='ssl_domain'>.crt SSLCertificateKeyFile <tmpl_var name='document_root'>/ssl/<tmpl_var name='ssl_domain'>.key <tmpl_if name='has_bundle_cert'> -- Gitblit v1.9.1