Tag: openssl

COMPLETELY disable SSLv3 in nginx (avoiding POODLE attack)

Since SSLv3 is deprecated, it’s a good idea to disable it in webserver config to become invulnerable to POODLE attack (sorry, Windows XP users). The problem is, even if you disable it in config, it may be still available for negotiation! Follow the article to see the remedy for this issue. The main part is

Continue Reading…