[How To] Disable SSLv3 for Apache in WHM cPanel

After HeartBleed, Poodle (Padding Oracle On Downgraded Legacy Encryption) is another exploit recently discovered affecting SSL version3.

To disable SSL version 3 for Apache in WHM cPanel, you can follow below steps:

1) Login in WHM and go to Service Configuration > Apache Configuration > Include Editor

2) Click on the Pre Main Include and select All Versions option from the drop down box.

3) Add the following contents in the editor

SSLProtocol All -SSLv2 -SSLv3
SSLHonorCipherOrder On


4) Click on update and restart Apache service.

How to verify?

To verify, execute below command which checks SSL connectivity with SSL v3.

openssl s_client -connect www.example.com:443 -ssl3

where example.com is the domain name having SSL installed.

Output should be:

1847:error:14094410:SSL routines:SSL3_READ_BYTES:sslv3 alert handshake failure:s3_pkt.c:1086:SSL alert number 40
1847:error:1409E0E5:SSL routines:SSL3_WRITE_BYTES:ssl handshake failure:s3_pkt.c:530:

Share on Facebook0Share on Google+0Tweet about this on TwitterShare on StumbleUpon1Share on LinkedIn1Share on Tumblr0Pin on Pinterest0Email this to someonePrint this page

About Abhijit Sandhan

Abhijit Sandhan
Loves Linux, Blogging, Traveling, Hiking and sharing Knowledge!

One comment

  1. great man

Leave a Reply

Your email address will not be published. Required fields are marked *