Need help? Call us on 1300 789 260

Disable SSLv3 support in the Apache Web Server

Difficulty: Intermediate


Apache 2+ Server


The recently announced SSLv3 exploit also known as " POODLE " has now made SSL protocols totally vulnerable and thrust TLS as the preferred HTTPS security protocol. However you will need to disable SSL support in your web server's SSL configuration to ensure you are not vulnerable to the POODLE Man-in-the-Middle attack or any another SSL based attacks yet to surface.


Locate your ssl.conf file, its usually located in /etc/httpd/conf.d

Locate the "SSLProtocol" line, if its commented out with a "#", remove the hash and change it to the following:

# Disable SSL access by default

SSLProtocol -ALL -SSLv2 -SSLv3 +TLSv1

Now to increase the security strength we can also disable the weaker ciphers, located the SSLCipherSuite line, uncomment it and make it

# SSL Cipher Suite
# List the ciphers that the client is permitted to negotiate
# See the mod_ssl documentation for a complete list


Save the changes and then restart the web server using:

service httpd restart

While you tightening up security, dont forget to disable SSL in your web browsers as well!

Was this article helpful? Yes No

Having trouble? We’re here to help!

We’ve built our company with a serious focus on quality service. Feel free to give us a call!

1300 789 260