Disabling SSLv3 for POODLE
Padding Oracle On Downgraded Legacy Encryption (POODLE) was released with the CVE identifier of CVE-2014-3566. The vulnerability was found in SSL protocol 3.0, unlike Heartbleed which was found in OpenSSL.
SSL protocol 3.0 makes use of CBC-mode ciphers that allow for man-in-the-middle attacks using padding-oracle stacks. These attacks target the CBC ciphers to retrieve plain-text output from otherwise encrypted information.
There is some good news. Most connections are using TLS and not SSL. However, sometimes there are problems negotiating a TLS session, and then the web servers, browsers, and other applications must downgrade to SSL.
In order to resolve this issue, we must disable SSLv3 for applications. Unfortunately, there is no way to do this for an entire server at once. You will need to edit each individual configuration separately.
The Impact of Disabling SSLv3
There’s little impact for most people in disabling SSLv3 because they are not relying on SSLv3 to make connections via SSL/TLS. The large majority relies on TLS.
In the future, browsers such as Google Chrome and FireFox will have SSLv3 disabled at release. It is also advisable to disable SSLv3 on home browsers, not only server applications.
Testing for SSLv3
There are several ways to determine if a service running over SSL will allow SSLv3. An easy method is to use the OpenSSL command line client. Run the command:
openssl s_client -connect example.com:443 -ssl3
Remember to replace example.com
with your domain or IP address, and 443
with any alternate port you may be using for your SSL connection. Check the output for the text:
routines:SSL3_READ_BYTES:sslv3 alert handshake failure
If you see this, the service you have tested does not support SSLv3. It is safe from the vulnerability.
Disabling SSLv3
Unfortunately, there is no simple way to go about this. There’s no patch to install, and the only way to resolve this is to disable SSLv3 in any application that may use it.
While we do not know the configuration of your Linode, we would be happy to assist you via support ticket if you have any questions about disabling SSLv3 on a specific application that is not provided below.
The POODLE vulnerability only works if the browser of the client and the server’s connection are both supporting SSLv3. Therefore, by disabling SSLv3 on your system, you are also protecting your client(s) from the vulnerability.
Apache
If you’re running an Apache web server that currently allows SSLv3, you will need to edit the Apache configuration. On Debian and Ubuntu systems the file is /etc/apache2/mods-available/ssl.conf
. On CentOS and Fedora the file is /etc/httpd/conf.d/ssl.conf
. You will need to add the following line to your Apache configuration with other SSL directives.
SSLProtocol All -SSLv2 -SSLv3
This will allow all protocols except SSLv2 and SSLv3. You can test your configuration change with the command:
apachectl configtest
You will then need to restart your Apache instance. On Ubuntu and Debian:
sudo service apache2 restart
On CentOS and Fedora:
systemctl restart httpd
For more information about configuring Apache to disallow SSLv2 and SSLv3, please see their Mod_SSL Documentation
Apache on cPanel/WHM
cPanel/WHM does not allow you to edit the Apache configuration files, and will overwrite most changes that are made to them. However, cPanel/WHM does give the option of configuring SSL cipher suites for Apache within the control panel.
In order to change the Apache cipher suites, follow these steps:
-
In WHM, type
apache
into the left-hand sidebar’s search field. You will seeApache Configuration
in the menu list. After clickingApache Configuration
, navigate toGlobal Configuration
. It is the first option on the page in cPanel 11.44+. -
The first option is
SSL Cipher Suite
, and you will need to modify the current SSL Cipher Suite to include-SSLv3
. An example of this is shown below.ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:-LOW:-SSLv2:-SSLv3:-EXP:!kEDH
-
After saving the page, you will be asked to rebuild and restart Apache. Your changes should take effect after Apache has been rebuilt and restarted.
NGINX
If you’re running an NGINX web server that currently uses SSLv3, you need to edit the NGINX configuration (nginx.conf
). You will need to add the following line to your server
directive:
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
This will deactivate SSLv3 from being used on NGINX. If you’re unable to find the server directive in nginx.conf
, you may need to locate your VirtualHost configuration file.
You will also need to restart your NGINX server:
sudo service nginx restart
For more information about NGINX’s SSL protocol setting, please see their NGX HTTP SSL Module Documentation.
Hiawatha
If you’re using the security-focused Hiawatha web server, it’s likely that SSLv3 is already disabled by default. But if for some reason you’re running an older version that does allow SSLv3, you can use the MinSSLversion
setting in hiawatha.conf
:
MinSSLversion = TLS1.0
# or TLS1.1 or TLS1.2
Then restart Hiawatha. For example, in Debian or Ubuntu:
sudo service hiawatha restart
For more information on Hiawatha’s configuration settings, see the manual page.
Postfix SMTP
If your Postfix installation is set up for opportunistic SSL
, which means that encryption is not enforced and plain text is accepted, you do not need to change anything. However, if you are running Postfix in mandatory SSL
mode, you will need to adjust your configuration to reflect the following change:
smtpd_tls_mandatory_protocols=!SSLv2,!SSLv3
You’ll want to look in the # TLS parameters
section of /etc/postfix/main.cf
. This will force Postfix SMTP to not use SSLv3 or SSLv2. You will also need to restart Postfix:
sudo service postfix restart
For more information about Postfix’s smtpd_tls_mandatory_protocols
setting, please see their Postfix Configuration Parameters documentation.
Note
The Postfix documentation has not yet been adjusted to disallow SSLv3.
Dovecot
This will only work in Dovecot versions 2.1 and above. Add the following line to /etc/dovecot/local.conf
or a new file in /etc/dovecot/conf.d/10-ssl.conf
:
ssl_protocols = !SSLv2 !SSLv3
Then restart Dovecot:
sudo service dovecot restart
If you are running a version of Dovecot before 2.1, you will need to edit the source code of Dovecot.
HAProxy
In order to disable SSLv3 in HAProxy, you must be using HAProxy 1.5+, as SSL is not supported in earlier versions of HAProxy. Edit the /etc/haproxy.cfg
file and find the line that starts with bind
and refers to port 443 (SSL). Append that line with no-sslv3
.
An example of this line would be:
bind :443 ssl crt <crt> ciphers <ciphers> no-sslv3
You can learn more about HAProxy’s no-sslv3
cipher in their HAProxy Configuration Manual.
OpenVPN
According to a forum posted on OpenVPN, OpenVPN has announced that, because they use TLSv1.0, their platform is not vulnerable to POODLE.
Join our Community
Find answers, ask questions, and help others.
This guide is published under a CC BY-ND 4.0 license.