Search results for query: "poodle" "SSLProtocol"

You would think by now in 2017, we would have poodle figured out. In /etc/httpd/conf/plesk.conf.d/server.conf the SSL protocols are wrong. I fix it, but it doesn't survive the next time plesk writes to that file! WHY does plesk insist on making me vulnerable?? I have seen the warning that...

Hi deltatech, pls. consider to use these links: => LMGTFY => Search Results for Query: "poodle" "SSLProtocol" | Plesk Forum

AND get_courier_version() { courier_version="`imapd --version | awk '{print $2}' | awk -F '/' '{print $1}'`" courier_major_version="`echo $courier_version | awk -F '.' '{print $1}'`" courier_minor_version="`echo $courier_version | awk -F '.' '{print $2}'`" }...

In nginx /etc/nginx/plesk.conf.d/server.conf I found Why? See here: http://disablessl3.com/ or here https://blog.qualys.com/ssllabs/2014/10/15/ssl-3-is-dead-killed-by-the-poodle-attack Maybe that helps here too: https://mozilla.github.io/server-side-tls/ssl-config-generator/ SSLLabs give...

Dear all, after googleing three days and reading much KBs and tutorials/workarounds I'm still stuck and would like to ask for some help. I'm new to plesk and need to secure a VPS runnig plesk for one of our clients because his admin has quit. There are some domains hosted on the server, it is...

Hi JCV, if you use the provided poodle check from Parallels, you will notice, that the "poodle.sh" - script only checks, if you use SSL3 ciphers. This is not really a decent check - it's a short work-around, but the check doesn't really point out, that there are SSL3 ciphers which are NOT...

I'm not sure, if you read the suggestion for a decent test. If not, please, visit the site https://www.ssllabs.com/ssltest/ . If you would like MORE informations, please visit a official site like: https://wiki.mozilla.org/Security/Server_Side_TLS , because I tried to explain it in my words, but...

For NGINX I use: ssl_session_timeout 5m; ssl_session_cache shared:SSL:50m; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_ciphers 'EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH+aRSA+RC4 EECDH EDH+aRSA RC4...

Hi JCV, the suggestion is based on the mozilla.org "Intermediate compatibility" from https://wiki.mozilla.org/Security/Server_Side_TLS : Copied from mozilla.org - updated last 21.10.2014 Intermediate compatibility (default) For services that don't need compatibility with legacy clients...