Last updated: 12/01/2016
This article shows you how to disable the SSL 2.0 and SSL 3.0 protocols on your Apache web server.
SSL 2.0 and SSL 3.0 are obsolete versions of the SSL protocol that have long since been superseded by the Transport Layer Security (TLS) protocol, which offers better security. In addition, an SSL 3.0 security flaw nicknamed POODLE was discovered in 2014, allowing an attacker to completely circumvent SSL security. For better security, your Apache web server should not serve these protocols.
Unless you only need to modify one site, in which case you can just open the virtual hosts file you need, try to find all SSL websites with the following command, executed in the root directory of your Apache installation:
grep -r SSLEngine *
This will list all SSL VirtualHost blocks you need to modify. Note that your Apache installation directory may differ according to your distribution. The most common locations are:
Using vi or your favourite text editor, add or modify the following line in each VirtualHost block that needs updating:
SSLProtocol all -SSLv2 -SSLv3
Restart Apache with one of the following commands:
/etc/init.d/httpd restart
service httpd restart
apachectl -k restart
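To confirm that every SSL VirtualHost block carries the change, the following added example (not part of the original article) reports, per block that has SSLEngine on, whether its SSLProtocol line still allows SSLv2 or SSLv3. The function names `audit_ssl_vhosts` and `sample_conf` and the sample configuration are constructed for illustration, and the protocol evaluation is a simplified model that may over-report but will not miss an enabled SSLv2/SSLv3.

```shell
# audit_ssl_vhosts FILE... : prints "STATUS file:line address" per SSL vhost.
#   OK = SSLv2/SSLv3 disabled in the block, WEAK = one of them enabled,
#   MISSING = no SSLProtocol in the block (the value is inherited from elsewhere)
audit_ssl_vhosts() {
    awk '
    # Simplified model: tokens apply left to right and a bare name counts as
    # +name; "all" is assumed to include SSLv2 and SSLv3. This can only over-report.
    function status(p,    n, t, i, k, on) {
        if (p == "") return "MISSING"
        n = split(p, t, /[ \t]+/)
        for (i = 2; i <= n; i++) {
            k = t[i]; sub(/^\+/, "", k)
            if (k == "all")       { on["sslv2"] = 1; on["sslv3"] = 1 }
            else if (k == "-all") { on["sslv2"] = 0; on["sslv3"] = 0 }
            else if (k ~ /^-/)    on[substr(k, 2)] = 0
            else                  on[k] = 1
        }
        return (on["sslv2"] || on["sslv3"]) ? "WEAK" : "OK"
    }
    # Directive names are case-insensitive: trim, then compare in lowercase.
    { line = $0; gsub(/^[ \t]+|[ \t\r]+$/, "", line); low = tolower(line) }
    low ~ /^#/ { next }
    low ~ /^<virtualhost[ \t]/ {
        invh = 1; start = FNR; ssl = 0; proto = ""
        addr = line; sub(/^<[^ \t]+[ \t]+/, "", addr); sub(/>.*$/, "", addr); next
    }
    invh && low ~ /^sslengine[ \t]+on$/ { ssl = 1 }
    invh && low ~ /^sslprotocol[ \t]/   { proto = low }   # last line in the block wins
    invh && low ~ /^<\/virtualhost>/ {
        if (ssl) print status(proto), FILENAME ":" start, addr
        invh = 0
    }' "$@"
}

# Constructed sample configuration (addresses and ports are made up).
sample_conf() {
    cat <<'EOF'
<VirtualHost *:443>
    SSLEngine on
    SSLProtocol all -SSLv2 -SSLv3
</VirtualHost>
<VirtualHost 192.0.2.10:443>
    sslengine On
    SSLProtocol all -SSLv2
</VirtualHost>
<VirtualHost *:8443>
    SSLEngine on
</VirtualHost>
EOF
}
```

Pass the function the files that the grep command above listed; any block reported as WEAK or MISSING still needs the SSLProtocol line from this article or an equivalent setting at server level.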