On October 14, 2014, Google disclosed a vulnerability in SSL 3.0 called POODLE (CVE-2014-3566). A man-in-the-middle attacker who can make the victim's browser send many requests (for example, through injected JavaScript) can exploit the weak CBC padding check in SSLv3 to recover plaintext from the encrypted connection one byte at a time, typically a session cookie. Because many clients fall back to SSLv3 when a TLS handshake fails, a server that still accepts SSLv3 can be downgraded even if it prefers TLS. To protect your servers against this bug, disable SSLv3 in every service that terminates TLS; on a cPanel/WHM server that means Apache, Dovecot, Exim, cpsrvd, and cpdavd.
Apache:
- Go to WHM >> Service Configuration >> Apache Configuration >> Global Configuration.
- The "SSL/TLS Protocols" field (this becomes Apache's SSLProtocol directive) should contain
All -SSLv2 -SSLv3
- Save and rebuild the Apache configuration, then restart Apache so the new setting takes effect.
Dovecot:
- WHM >> Service Configuration >> Mailserver Configuration.
- SSL Protocols should contain
!SSLv2 !SSLv3
- Click save at the bottom of the page.
Exim:
- WHM >> Service Configuration >> Exim Configuration Manager.
- Under the Advanced Editor tab, look for 'openssl_options'. This setting covers Exim's TLS on all of its listeners (SMTP with STARTTLS on 25/587 as well as SMTPS on 465).
- Make sure the field contains
+no_sslv2 +no_sslv3
- Click save at the bottom of the page.
Cpsrvd:
- WHM >> Service Configuration >> Web Services Configuration.
- Make sure that the "TLS/SSL Protocols" field contains
SSLv23:!SSLv2:!SSLv3
- Click Save.
Cpdavd:
- WHM >> Service Configuration >> cPanel Web Disk Configuration.
- Make sure that the "TLS/SSL Protocols" field contains
SSLv23:!SSLv2:!SSLv3
- Click Save.
To test whether your server still accepts SSLv3, run the following from a machine whose OpenSSL was built with SSLv3 support:
openssl s_client -connect example.com:443 -ssl3
Replace example.com with your domain or IP address, and repeat the test for the other TLS ports on the server (for example 465, 993, 995, 2083, 2087 and 2096; for STARTTLS services such as SMTP on port 25 add -starttls smtp).
If the handshake is refused with an error like the following, the server does not support SSLv3 and is not vulnerable:
routines:SSL3_READ_BYTES:sslv3 alert handshake failure
If instead the handshake completes and s_client prints the server certificate and a session block with "Protocol : SSLv3" and a real cipher, the server still accepts SSLv3 and is vulnerable. Note that current OpenSSL builds leave SSLv3 out entirely; if the command fails with an "unknown option -ssl3" message, the test is inconclusive on that client and says nothing about the server.
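As an added example (not part of the original page), the following POSIX shell script automates that test across the cPanel services configured above and classifies the s_client output, including the case where the scanning host's own OpenSSL cannot speak SSLv3. The port list assumes default cPanel/WHM ports, the openssl binary on the scanning host is assumed to accept -ssl3, and the sample outputs embedded for the self-test are constructed, not captured from a real server.

```shell
#!/bin/sh
# Added example, not part of the original page: probe every TLS-terminating
# cPanel service for SSLv3 and classify the openssl s_client output.
# Assumptions: default cPanel/WHM ports, and an OpenSSL client that still
# understands -ssl3 (otherwise the result is reported as "untestable").

# Implicit-TLS ports, plus STARTTLS ports written as port/protocol.
SSL3_TARGETS="443 465 993 995 2083 2087 2096 25/smtp 143/imap 110/pop3"

# classify_ssl3_output: read s_client -ssl3 output on stdin and print one of
#   untestable  - the client cannot speak SSLv3 (nothing learned about the server)
#   safe        - the server refused the SSLv3 handshake
#   vulnerable  - the server completed an SSLv3 handshake
#   unknown     - none of the known markers were found
# The "safe" markers are checked before the "vulnerable" one because s_client
# prints an SSL-Session block with "Protocol  : SSLv3" even after a failed
# handshake (with "Cipher is (NONE)").
classify_ssl3_output() {
    out=$(cat)
    case "$out" in
        *"nknown option"*|*"no protocols available"*)
            echo untestable ;;
        *"alert handshake failure"*|*"alert protocol version"*|*"wrong version number"*|*"Cipher is (NONE)"*)
            echo safe ;;
        *"Protocol  : SSLv3"*)
            echo vulnerable ;;
        *)
            echo unknown ;;
    esac
}

# check_sslv3 HOST PORT [STARTTLS_PROTO]: run the probe and print "host:port status".
check_sslv3() {
    host=$1
    port=$2
    starttls=${3:-}
    if [ -n "$starttls" ]; then
        out=$(printf 'Q\n' | openssl s_client -connect "$host:$port" \
                  -starttls "$starttls" -ssl3 2>&1 || true)
    else
        out=$(printf 'Q\n' | openssl s_client -connect "$host:$port" -ssl3 2>&1 || true)
    fi
    printf '%s:%s %s\n' "$host" "$port" "$(printf '%s\n' "$out" | classify_ssl3_output)"
}

# scan_host HOST: probe every target in SSL3_TARGETS.
scan_host() {
    for t in $SSL3_TARGETS; do
        case $t in
            */*) check_sslv3 "$1" "${t%%/*}" "${t#*/}" ;;
            *)   check_sslv3 "$1" "$t" ;;
        esac
    done
}

# Constructed sample outputs (abbreviated; not real captures) used by selftest.
SAMPLE_SAFE='CONNECTED(00000003)
139944:error:14094410:SSL routines:SSL3_READ_BYTES:sslv3 alert handshake failure:s3_pkt.c:1260:SSL alert number 40
---
no peer certificate available
---
New, (NONE), Cipher is (NONE)
SSL-Session:
    Protocol  : SSLv3
    Cipher    : 0000'
SAMPLE_VULNERABLE='CONNECTED(00000003)
depth=0 CN = example.com
---
New, TLSv1/SSLv3, Cipher is AES256-SHA
SSL-Session:
    Protocol  : SSLv3
    Cipher    : AES256-SHA'
SAMPLE_UNTESTABLE='s_client: Option unknown option -ssl3
s_client: Use -help for summary.'

# selftest: classify the samples; returns 0 when all three come out as expected.
selftest() {
    [ "$(printf '%s\n' "$SAMPLE_SAFE" | classify_ssl3_output)" = safe ] &&
    [ "$(printf '%s\n' "$SAMPLE_VULNERABLE" | classify_ssl3_output)" = vulnerable ] &&
    [ "$(printf '%s\n' "$SAMPLE_UNTESTABLE" | classify_ssl3_output)" = untestable ]
}

case "${1:-}" in
    "")         ;;                                   # no arguments: only define functions
    --selftest) selftest && echo "selftest ok" ;;    # offline check of the classifier
    *)          scan_host "$1" ;;                    # e.g. sh poodle-check.sh server.example.com
esac
```

Run it as sh poodle-check.sh server.example.com and treat any line ending in "vulnerable" as a service that still needs the WHM change above; a line ending in "untestable" means the scanning host cannot speak SSLv3 and you need an older OpenSSL (or a tool such as the Qualys test) for that port.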
A simpler way to check for POODLE is the Qualys SSL Labs Server Test: enter your domain name and click Submit. You get a detailed report of your site's TLS configuration, including which protocols it supports. Note that it only tests HTTPS on port 443, so the mail and cPanel service ports still need to be checked with openssl s_client.
To disable SSL V3.0 in your browser click here.