Stop POODLE SSL (SSLv3 Vulnerability) Attacks on Apache

To stop the evil POODLE SSL attack on Apache, you need to disable the SSLv2 and SSLv3 protocols.

Add the following line of text to your apache.conf file, usually found in folder /etc/apache2

SSLProtocol All -SSLv2 -SSLv3

Run the apache configuration test command after doing this:

apachectl configtest

Then restart apache, the “hard” way:

/etc/init.d/apache2 stop
/etc/init.d/apache2 start

You are good to go!


Consider Encryption for Your Business — Article Published in Saratoga Business Journal

Portion of an article by Alex T. Silverstein, published online (and in print) by Saratoga Business Journal. Encourages all businesses to consider their storage of personally identifiable information, and the need to encrypt it.

Link: IT Experts: Vital Security Issues Are Not Always Simple, But Need To Be Addressed