POODLE

Submitted by Bill St. Clair on Wed, 15 Oct 2014 15:20:54 GMT  <== Webmaster stuff ==> 

A new SSL vulnerability, POODLE, is in the news. I changed my Apache web server's SSL configuration to mitigate. It no longer supports IE 6, so if you're using that, why?

I used the recommended Apache configuration at https://hynek.me/articles/hardening-your-web-servers-ssl-ciphers/
I tested it at https://www.ssllabs.com/ssltest/

I'm still using a certificate signed with SHA-1. That is apparently no longer recommended. I'll update it sometime.

Add comment Edit post Add post