In the wake of POODLE vulnerability discovered in SSLv3, surprising number of people are not sure how to disable SSLv3. So here is how to do it.
In your Nginx SSL configuration, find the line that shows the protocols. It will be something like this:
ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
Remove the SSLv3 from it and make it
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
That is all.
This is not relevant if you aren’t using SSL, of course.
If you want updates.
Leave a Reply