AidanMontareDotNet

You are on the old part of aidanmontare.net, which I am no longer maintaining. Newer versions of some of this content can be found on the active part of my site, which you can reach from my homepage.

POODLE SSL Fixed

(last updated

I am disappointed that I am so behind on this, but I finally addressed the POODLE SSL vulnerability on my server today.

While I check my server daily for updated software and issues, it was only when I read this Linode blog post that I realized the POODLE threat was something I needed to address on the server.

Luckily, fixing this vulnerability in Apache is as simple as adding -SSLv2 -SSLv3 to any SSLProtocol directives and restarting Apache.

I would urge all server administrators who have not already done so to fix their servers. You can read more about the issue here.

To make sure I catch more problems like this, I added SSL Labs test to my weekly list of server administration tasks (which I recently published).