How to Disable SSLv3 for Exim and Protect Your WHM/cPanel Server from POODLE
There’s a new POODLE in town, but unfortunately it’s not the kind of pooch you want around. POODLE stands for Padding Oracle On Downgraded Legacy Encryption. It’s an exploit that, although not considered to be as serious as Heartbleed, is one that should still be protected against. For more information read the Google Blog.
Fortunately, protecting your WHM/cPanel server is easy. Just follow the steps below:
WHM => Service Configuration => Exim Configuration Manager => Advanced Editor
First login to WHM and use the search functionality to search for Exim.
Then click on Exim Configuration Manager:
Next click on the Advanced Editor tab:
Add additional configuration setting => add “openssl_options” and “+no_sslv3” => Save
Find the SECTION: Config and then scroll to the end of that section looking for the Add additional configuration setting button.
In the first blank box add:
In the second blank box add:
The scroll down to the very bottom of the page and click the Save button.