HostMonster Web Hosting Help

Disable SSLv3 on a VPS or Dedicated Server

Overview

This article will explain how to disable SSLv3 on a VPS or Dedicated server. This can help you avoid issues with vulnerabilities in SSLv3.

Click on any of the sections to jump to that point in the guide.



What You Need

  • The password for the root user on your server.

Login to the WHM

You will need to be able to login to WHM on your server. This requires knowing the root password for your server. If you don't know the root password or haven't set one up, please see https://my.HostMonster.com/hosting/help/whm-login#root-password.

  1. Login to the WHM by going to yourdomain.com/whm in a browser. Replace yourdomain.com with your domain name.
  2. Once you get to the login page, enter your username and password.
    The WHM login page.
    The WHM login page.
  3. You may see a page titled "Feature Showcase". If so, click on Exit to WHM at the bottom of the page.
    The Feature Showcase page with 'Exit to WHM' spotlighted.
    The Feature Showcase page with "Exit to WHM" spotlighted.

Open the Apache Settings

  1. In the search bar at the top left of the WHM, type "Apache".
    Searching Apache in the WHM.
    Searching Apache in the WHM.
  2. In the search results, click on "Apache Configuration".

Change the SSL Cipher and Protocol Settings

  1. On Apache Configuration page, click on Global Configuration
    The global configuration.
    The global configuration.
  2. The first option should be SSL Cipher Suite, Select the 3rd option then copy this text into the box:
    ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:-LOW:-SSLv2:-EXP:!kEDH
    The SSL Cipher Suite settings.
    The SSL Cipher Suite settings.
  3. Under SSL/TLS Protocols, make sure the default setting, All -SSLv2 -SSLv3 is selected.
    The SSL/TLS Protocol settings.
    The SSL/TLS Protocol settings.
  4. Scroll to the bottom of the page and click the Save button.
    The save button.
    The save button.
  5. Click the Rebuild Configuration and Restart Apache button.
    The Rebuild Configuration and Restart Apache button.
    The Rebuild Configuration and Restart Apache button.
A successful rebuild.
A successful rebuild.

Note: After following these steps it may be necessary to add "Options +FollowSymLinks" to the .htaccess file for your site.

Test the Configuration

To test that SSL is disabled you run this command:
curl -IL –sslv3 https://domain.com
Note: replace domain.com with the domain for your site.
If SSLv3 has been disabled you should see a message like this:

curl: (35) error:14094410:SSL routines:SSL3_READ_BYTES:sslv3 alert handshake failure
Knowledgebase Article 21,908 views bookmark tags: dedi dedicated ssl vps


Was this resource helpful?

Did this resolve your issue?


Please add any other comments or suggestions about this content:





Recommended Help Content

To help with installing an SSL certificate for an account on a dedicated server through the WHM
Knowledgebase Article 126,893 views tags: assign dedicated server ssl whm

This article will explain some common causes for 500 errors on Dedicated or V.P.S servers.
Knowledgebase Article 33,071 views tags: dedi dedicated error server vps

How to manage the SSL used for cPanel login through the WHM
Knowledgebase Article 100,373 views tags: cpanel dedicated install login manage server ssl

Related Help Content

This article will explain how to restart your Dedicated or VPS server.
Knowledgebase Article 29,119 views tags: dedi dedicated reboot restart services vps

This article will explain how to configure your dedicated or VPS server to use the new (non legacy) backup system.
Knowledgebase Article 16,123 views tags: backup dedi dedicated vps

This article will explain how to create and manage users on Dedicated or VPS servers.
Knowledgebase Article 26,525 views tags: dedi dedicated users vps

This article will explain how to restart the email related services on a Dedicated or VPS server. This may be useful if you are experiencing trouble with your email.
Knowledgebase Article 26,555 views tags: dedi dedicated dovecot exim mail restart vps whm

This article will explain how to view the email logs on a Dedicated or VPS server. This may be usefull if you are experiencing trouble with your email.
Knowledgebase Article 26,403 views tags: dedi dedicated logs mail vps whm

This article will explain how to clear the outbound mail queue on a dedicated or VPS server.
Knowledgebase Article 29,346 views tags: dedi dedicated mail queue vps

How to install Java in a dedicated server.
Knowledgebase Article 80,305 views tags: dedicated install java server yum

This article discusses some measures you can take to secure a Dedicated or VPS server
Knowledgebase Article 17,798 views tags: dedi security vps