How do I disable SSLv3 in Apache?

To make it easier to get in touch with us, from the 24th of March 2016 all support tickets will need to be submitted from your Crucial Control Panel.

The way to disable SSLv3 in Apache depends on the Operating System you are using.

Centos 5, 6 and 7 +  Fedora + Cloudlinux (Without cPanel)

  1. Connect to the server using SSH
  2. Open the following file using your preferred text editor
    /etc/httpd/conf.d/ssl.conf

  3. Add the following line to your Apache configuration with other SSL directives
    SSLProtocol All -SSLv2 -SSLv3

  4. Save the changes
  5. Check the new configuration by running the following command
    /etc/init.d/httpd configtest

  6. If the configuration test is OK and passes, restart the service by running the following command
    /etc/init.d/httpd restart

Centos 5, 6 and 7 +  Fedora + Cloudlinux (With cPanel)

There are 2 ways this can be done, attempt these in order.

  1. Connect to the server using SSH
  2. Run the following command to update the server
    /scripts/upcp --force

If this fails, complete the following steps.

  1. Access WHM by browsing to the link sent in your welcome email
  2. Login using the details provided in the welcome email
  3. You will now see the home screen of WHM
  4. The quickest way to bring up the correct page is to search for 'apache' in the search bar
  5. Click on 'Apache Configuration'
  6. Select 'Global Configuration'
  7. Under 'SSL Cipher Suite' click the radio button with the text entry field
  8. Replace the text with the following
    ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:-LOW:-SSLv2:-SSLv3:-EXP:!kEDH

  9. Click 'Save'
  10. After saving the page, you will be asked to rebuild and restart Apache.
  11. Your changes should take effect after Apache has been rebuilt and restarted

Debian + Ubuntu

  1. Connect to the server using SSH
  2. Open the following file using your preferred text editor
    /etc/apache2/mods-available/ssl.conf

  3. Add the following line to your Apache configuration with other SSL directives
    SSLProtocol All -SSLv2 -SSLv3

  4. Save the changes
  5. Check the new configuration by running the following command
    apachectl configtest

  6. If the configuration test is OK and passes, restart the service by running the following command
    /etc/init.d/apache2 restart
Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request

Comments

Powered by Zendesk