Hello Guys,
We are getting mails from clients asking us to check their servers for the POODLE vulnerability. To check whether a server is vulnerable, run:
openssl s_client -connect ServerIP:443 -ssl3
If you get
CONNECTED(00000003)
140051818760008:error:14094410:SSL routines:SSL3_READ_BYTES:sslv3 alert handshake failure:s3_pkt.c:1257:SSL alert number 40
140051818760008:error:1409E0E5:SSL routines:SSL3_WRITE_BYTES:ssl handshake failure:s3_pkt.c:596:
It's not vulnerable to POODLE. If you get any other result, perform the steps below:
Go to
WHM » Home » Service Configuration » Apache Configuration » Global Configuration
SSL Cipher Suite: ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:-LOW:-SSLv2:-EXP:!kEDH:!aNULL
After that, go to
Home » Service Configuration » Apache Configuration » Include Editor » Pre Main Include
Select all versions, then add the lines below (for CentOS/RHEL 6.x):
SSLHonorCipherOrder On
SSLProtocol -All +TLSv1 +TLSv1.1 +TLSv1.2
Select all versions, then add the lines below (for CentOS/RHEL 5.x):
SSLHonorCipherOrder On
SSLProtocol -All +TLSv1
Then update.
It will resolve the issue :)
Note: Make sure to re-run the command from the beginning of this post to confirm the fix before updating the client.
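The check above, as an added shell example (not part of the original post): it classifies the s_client output and goes one step beyond the post by separating an inconclusive run (no TCP connection, or an openssl client built without -ssl3) from a server that really accepted SSLv3. The function names classify_sslv3 and check_host are hypothetical, and the "accepted" and "no connect" samples are constructed.

```shell
#!/bin/sh
# Added example: classify the output of the post's SSLv3 probe.
# Prints one of: rejected | accepted | inconclusive

classify_sslv3() {
    out=$(cat)
    # No CONNECTED line: the TCP connect failed or this openssl build has no
    # -ssl3 option, so nothing was learned about the server.
    printf '%s\n' "$out" | grep -q '^CONNECTED(' || { echo inconclusive; return 0; }
    # An SSLv3 session with a real cipher (not 0000) means SSLv3 was accepted.
    if printf '%s\n' "$out" | grep -Eq '^ *Protocol *: *SSLv3' &&
       printf '%s\n' "$out" | grep -E '^ *Cipher *: ' | grep -qv ': *0000$'; then
        echo accepted; return 0
    fi
    # The alert shown in the post: the server refused the SSLv3 handshake.
    if printf '%s\n' "$out" | grep -q 'alert handshake failure'; then
        echo rejected; return 0
    fi
    echo inconclusive
}

# Runs the post's command against one host (hypothetical helper name).
check_host() {
    openssl s_client -connect "$1:443" -ssl3 </dev/null 2>&1 | classify_sslv3
}

# Output quoted in the post.
SAMPLE_REJECTED='CONNECTED(00000003)
140051818760008:error:14094410:SSL routines:SSL3_READ_BYTES:sslv3 alert handshake failure:s3_pkt.c:1257:SSL alert number 40
140051818760008:error:1409E0E5:SSL routines:SSL3_WRITE_BYTES:ssl handshake failure:s3_pkt.c:596:'

# Constructed samples (not captured from a real server).
SAMPLE_ACCEPTED='CONNECTED(00000003)
New, TLSv1/SSLv3, Cipher is AES256-SHA
SSL-Session:
    Protocol  : SSLv3
    Cipher    : AES256-SHA'
SAMPLE_NO_CONNECT='connect: Connection refused
connect:errno=111'

for s in "$SAMPLE_REJECTED" "$SAMPLE_ACCEPTED" "$SAMPLE_NO_CONNECT"; do
    printf '%s\n' "$s" | classify_sslv3
done
```

Only "accepted" calls for the Apache changes above; "inconclusive" means the probe has to be repeated from a machine whose openssl still supports -ssl3 and can reach port 443.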