Patch Poodle Vulnerability

To patch an ee stack and protect against the poodle vulnerability:

edit the nginx.conf file and add a line indicating ssl_protocols :

sudo vi /etc/nginx/nginx.conf 


ssl_protocols TLSv1 TLSv1.1 TLSv1.2;

Scan your sites/servers:

tutorial at digital ocean:


Thanks for the heads up. I did the same thing yesterday. I noticed the problem when I was playing with SSLLABS.

On Apache you can disable SSLv3 by adding the following line to the configuration file:

SSLProtocol All -SSLv2 -SSLv3