Secure web server

First of all, check security your web server on this page

After that you can start fix your security problems.

Disabling SSL 3.0 in mod_ssl

To mitigate this vulnerability as it affects httpd using mod_ssl, set the SSLProtocol directive as follows in /etc/httpd/conf.d/ssl.conf:

Note: This directive must either be located at the topmost level of the configuration file, or inside the default virtual host configuration for an address.

Option 1: Disable SSLv2 and SSLv3 (Enable everything except SSLv2 and SSLv3)

SSLProtocol All -SSLv2 -SSLv3

Then restart httpd:

# service httpd restart

Option 2: Disable everything except TLSv1.x

On Red Hat Enterprise Linux 7 or Red Hat Enterprise Linux 6.6 and later:

SSLProtocol -All +TLSv1 +TLSv1.1 +TLSv1.2

On other platforms, including Red Hat Enterprise Linux 5

SSLProtocol -All +TLSv1

Then restart httpd:

# service httpd restart

ACIM Personal Knowledgebase

Sidebar

Table of Contents

Secure web server

Disabling SSL 3.0 in mod_ssl

Option 1: Disable SSLv2 and SSLv3 (Enable everything except SSLv2 and SSLv3)

Option 2: Disable everything except TLSv1.x

ACIM Personal Knowledgebase

User Tools

Site Tools

Sidebar

Table of Contents

Secure web server

Disabling SSL 3.0 in mod_ssl

Option 1: Disable SSLv2 and SSLv3 (Enable everything except SSLv2 and SSLv3)

Option 2: Disable everything except TLSv1.x

Page Tools