From 53124ed9dc52e8aee60d9018ffb32c18f03c4daa Mon Sep 17 00:00:00 2001
From: Till Brehm <tbrehm@ispconfig.org>
Date: Thu, 16 Oct 2014 10:37:35 -0400
Subject: [PATCH] Implemented: FS#3706 - disable SSLv3 to protect servers agains POODLE attack.

---
 server/conf/vhost.conf.master |    3 ++-
 1 files changed, 2 insertions(+), 1 deletions(-)

diff --git a/server/conf/vhost.conf.master b/server/conf/vhost.conf.master
index 16e0d12..23cec47 100644
--- a/server/conf/vhost.conf.master
+++ b/server/conf/vhost.conf.master
@@ -47,7 +47,8 @@
 
 		<IfModule mod_ssl.c>
 <tmpl_if name='ssl_enabled'>
-	SSLEngine on
+		SSLEngine on
+		SSLProtocol All -SSLv2 -SSLv3
 		SSLCertificateFile <tmpl_var name='document_root'>/ssl/<tmpl_var name='ssl_domain'>.crt
 		SSLCertificateKeyFile <tmpl_var name='document_root'>/ssl/<tmpl_var name='ssl_domain'>.key
 <tmpl_if name='has_bundle_cert'>

--
Gitblit v1.9.1