How can I protect myself from POODLE?

To make it easier to get in touch with us, from the 24th of March 2016 all support tickets will need to be submitted from your Crucial Control Panel.

Background

Recently another vulnerability against SSL has emerged called POODLE. This attack vector targets SSL version 3, and can result in the contents of the SSL connection being revealed.

You can run a test to check if your server is vulnerable by visiting the following website.

tinfoilsecurity.com/poodle

If you are vulnerable the steps that need to be taken to resolve this depends on your Operating System and the webserver in use. In all cases it involves disabling SSLv3.

Please Note: Disabling SSLv3 may break compatibility with people using Windows XP.

Fixing the issue

If you have server management you can submit a request to Support and we will be able to ensure your server is not vulnerable.

If you do not have server management or would like to do this yourself, we have included steps on how to disable SSLv3. Click on a webserver to get the instructions on how to do this for that particular webserver.

Linux

Windows

After running through the steps, ensure you are no longer vulnerable by rechecking against the tinfoilsecurity.com/poodle website.

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request

Comments

Powered by Zendesk