How to Disable SSLv3 for Exim and Protect Your WHM/cPanel Server from POODLE

17
Your Guide to POODLE and WHM/cPanel
I. How to Disable SSLv3 for Apache and Protect Your WHM/cPanel Server from POODLE
II. How to Disable SSLv3 for Exim and Protect Your WHM/cPanel Server from POODLE

There’s a new POODLE in town, but unfortunately it’s not the kind of pooch you want around. POODLE stands for Padding Oracle On Downgraded Legacy Encryption. It’s an exploit that, although not considered to be as serious as Heartbleed, is one that should still be protected against. For more information read the Google Blog.

Fortunately, protecting your WHM/cPanel server is easy. Just follow the steps below:

Step 1: Navigate to the Include Editor

Shortcut:

WHM => Service Configuration => Exim Configuration Manager => Advanced Editor

Details:

First login to WHM and use the search functionality to search for Exim.

Then click on Exim Configuration Manager:

Next click on the Advanced Editor tab:

Step 2: Edit the Includes

Shortcut:

Add additional configuration setting => add “openssl_options” and “+no_sslv3” => Save

Details:

Find the SECTION: Config and then scroll to the end of that section looking for the Add additional configuration setting button.

In the first blank box add:

openssl_options

In the second blank box add:

+no_sslv3

The scroll down to the very bottom of the page and click the Save button.

Comments are closed, but trackbacks and pingbacks are open.