HowTO: Fix Vulnerability “SSLv2 Enabled”

Add the following lines to your httpd.conf:

SSLProtocol ALL -SSLv2
SSLCipherSuite HIGH:!SSLv2:!ADH:!aNULL:!eNULL:!NULL

To Test the Fix (replace 127.0.0.1 with whatever ip you need to test on):

openssl s_client -port 443 -host "127.0.0.1" -ssl2

Leave a Reply

  

  

  

You can use these HTML tags

<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>