[How To] Disable SSLv3 for Apache in WHM cPanel

Share with all..

After HeartBleed, Poodle (Padding Oracle On Downgraded Legacy Encryption) is another exploit recently discovered affecting SSL version3.

To disable SSL version 3 for Apache in WHM cPanel, you can follow below steps:

1) Login in WHM and go to Service Configuration > Apache Configuration > Include Editor

2) Click on the Pre Main Include and select All Versions option from the drop down box.

3) Add the following contents in the editor

SSLProtocol All -SSLv2 -SSLv3
SSLHonorCipherOrder On


4) Click on update and restart Apache service.

How to verify?

To verify, execute below command which checks SSL connectivity with SSL v3.

openssl s_client -connect www.example.com:443 -ssl3

where example.com is the domain name having SSL installed.

Output should be:

1847:error:14094410:SSL routines:SSL3_READ_BYTES:sslv3 alert handshake failure:s3_pkt.c:1086:SSL alert number 40
1847:error:1409E0E5:SSL routines:SSL3_WRITE_BYTES:ssl handshake failure:s3_pkt.c:530:

Share with all..

About Abhijit Sandhan

Loves Open Source, Blogging, Traveling, Hiking and sharing Knowledge!

One comment

  1. great man

Leave a Reply

Your email address will not be published. Required fields are marked *