Disable SSLv3 on Nginx to prevent #POODLE vulnerability

In the wake of POODLE vulnerability discovered in SSLv3, surprising number of people are not sure how to disable SSLv3. So here is how to do it.

In your Nginx SSL configuration, find the line that shows the protocols. It will be something like this:

ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;

Remove the SSLv3 from it and make it

ssl_protocols TLSv1 TLSv1.1 TLSv1.2;

That is all.

This is not relevant if you aren’t using SSL, of course.

Leave a Reply

Your email address will not be published. Required fields are marked *