To stop the evil POODLE SSL attack on Apache, you need to disable the SSLv2 and SSLv3 protocols.
Add the following line of text to your apache.conf file, usually found in folder /etc/apache2
SSLProtocol All -SSLv2 -SSLv3
Run the apache configuration test command after doing this:
Then restart apache, the “hard” way:
You are good to go!
Here’s a handy tip for adding a custom header of your design to every response.
Open your Apache config file (name is usually httpd.conf), usually found in one of these locations (depending on your distro):
Tip: You can also discover the location of this file by executing one of the following:
or (depending upon your distro):
To find httpd (or apache2, or any other program), use this:
Anyway, to add a header of your choosing to each response, add the following to your config file:
Header set MyHeader "%D %t"
In the example above, a custom response header named
MyHeader is sent along with the value of the current date (
%D) and time (