SSLv3 Vulnerability

From Acenet Knowledgebase
Revision as of 11:49, 24 November 2014 by Docs admin (talk | contribs) (Created page with "Most attacks against SSL modify data as it travels between the client and the server, in order to target weaknesses in specific ciphers. For example, the POODLE attack (CVE-20...")
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search

Most attacks against SSL modify data as it travels between the client and the server, in order to target weaknesses in specific ciphers. For example, the POODLE attack (CVE-2014-3566) targets weaknesses in the SSLv3 protocol.

Starting in WHM/cPanel 11.46, there is a separate SSL cypher protocol setting for all services managed by your cPanel server. The SSLv2 and SSLv3 cyphers are disabled by default:

WHM/cPanel and Webmail

WebDisk

Courier (Mail)

DoveCot (Mail)

Apache (http)

Exim (Mail)


Additional information can be found at the following link: https://documentation.cpanel.net/display/CKB/How+to+Adjust+Cipher+Protocols

Retrieved from "https://kb.acenet.us/index.php?title=SSLv3_Vulnerability&oldid=1712"