The recently announced SSLv3 exploit also known as “POODLE” has now made SSL protocols totally vulnerable and thrust TLS as the preferred HTTPS security protocol. However you will need to disable SSL support in your web server’s SSL configuration to ensure you are not vulnerable to the POODLE Man-in-the-Middle attack or any another SSL based attacks yet to surface.


Locate your ssl.conf file, change to the /etc/nginx folder and search for it using:

grep -r ssl_protocol /etc/nginx

Open the file(s) which contain the line and update the configuration to the following:

ssl_protocols TLSv1.2 TLSv1.1 TLSv1;

Save the file and repeat for all configured files. Then restart nginx using:

service nginx restart

You have now disabled the SSL protocol and forced TLS as the default protocol.


Was this article helpful?

Related Articles