Disable SSLv3 on a VPS or Dedicated Server

Overview

This article will explain how to disable SSLv3 on a VPS or Dedicated server. This can help you avoid issues with vulnerabilities in SSLv3.

Click on any of the sections to jump to that point in the guide.

• What You Need
• Login to the WHM
• Open the Apache Settings
• Change the SSL Cipher and Protocol Settings
• Test the Configuration

What You Need

• The password for the root user on your server.

Login to the WHM

You will need to be able to login to WHM on your server. This requires knowing the root password for your server. If you don't know the root password or haven't set one up, please see https://my.HostMonster.com/hosting/help/whm-login#root-password.

1. Login to the WHM by going to yourdomain.com/whm in a browser. Replace yourdomain.com with your domain name.
2. Once you get to the login page, enter your username and password.
   • Username will be root.
   • Password will be the root password for your server. If you don't know the root password or haven't set one up, please see https://my.HostMonster.com/hosting/help/whm-login#root-password.

   

3. You may see a page titled "Feature Showcase". If so, click on Exit to WHM at the bottom of the page.

   

Open the Apache Settings

1. In the search bar at the top left of the WHM, type "Apache".

   

2. In the search results, click on "Apache Configuration".

Change the SSL Cipher and Protocol Settings

1. On Apache Configuration page, click on Global Configuration

   

2. The first option should be SSL Cipher Suite, Select the 3rd option then copy this text into the box:
   ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:-LOW:-SSLv2:-EXP:!kEDH

   

3. Under SSL/TLS Protocols, make sure the default setting, All -SSLv2 -SSLv3 is selected.

   

4. Scroll to the bottom of the page and click the Save button.

   

5. Click the Rebuild Configuration and Restart Apache button.

   

Note: After following these steps it may be necessary to add "Options +FollowSymLinks" to the .htaccess file for your site.

Test the Configuration

To test that SSL is disabled you run this command:
curl -IL –sslv3 https://domain.com
Note: replace domain.com with the domain for your site.
If SSLv3 has been disabled you should see a message like this:

curl: (35) error:14094410:SSL routines:SSL3_READ_BYTES:sslv3 alert handshake failure

Knowledgebase Article 97,084 views bookmark

share

Share or save this via:

• E-mail
• Twitter
• Google Bookmarks
• Facebook
• MySpace
• Digg
• Reddit
• Bookmark
• Delicious
• LinkedIn
• StumbleUpon

tags: dedi dedicated ssl vps

Recommended Help Content

VPS Dedicated Installing SSL

To help with installing an SSL certificate for an account on a dedicated server through the WHM

Knowledgebase Article 228,160 views tags: assign dedicated server ssl whm

Error Code 500 on Dedicated and VPS Servers

This article will explain some common causes for 500 errors on Dedicated or V.P.S servers.

Knowledgebase Article 102,748 views tags: dedi dedicated error server vps

VPS or Dedicated Hosting - Manage Login SSL Certificates

How to manage the SSL used for cPanel login through the WHM

Knowledgebase Article 189,892 views tags: cpanel dedicated install login manage server ssl

Related Help Content

VPS and Dedicated Hosting: Enabling FTP on New Servers

This article will explain how-to enable FTP on a newly provisioned VPS or Dedicated cPanel server. Since FTP is an unsecured connection point to the server, cPanel has it disabled by default in version 11.86 or prior.

Knowledgebase Article 9,154 views tags: dedicated file ftp root server transfer vps

Restart a Dedicated or VPS Server.

This article will explain how to restart your Dedicated or VPS server.

Knowledgebase Article 104,996 views tags: dedi dedicated reboot restart services vps

Enable Non Legacy Backup on Dedicated or VPS Servers

This article will explain how to configure your dedicated or VPS server to use the new (non legacy) backup system.

Knowledgebase Article 86,391 views tags: backup dedi dedicated vps

Managing Users on a VPS or Dedicated Server

This article will explain how to create and manage users on Dedicated or VPS servers.

Knowledgebase Article 111,901 views tags: dedi dedicated users vps

Restarting Mail Services on Dedicated or VPS Servers

This article will explain how to restart the email related services on a Dedicated or VPS server. This may be useful if you are experiencing trouble with your email.

Knowledgebase Article 116,281 views tags: dedi dedicated dovecot exim mail restart vps whm

Access Mail Logs on Dedicated or VPS Servers

This article will explain how to view the email logs on a Dedicated or VPS server. This may be usefull if you are experiencing trouble with your email.

Knowledgebase Article 117,061 views tags: dedi dedicated logs mail vps whm

Clearing the Mail Queue on VPS and Dedicated Servers

This article will explain how to clear the outbound mail queue on a dedicated or VPS server.

Knowledgebase Article 121,198 views tags: dedi dedicated mail queue vps

VPS and Dedicated Hosting: Restore or Transfer cPanel

If you need to transfer or restore a cPanel account for your VPS or Dedicated server, there is a tool within the WHM panel to perform these tasks. This article is about transferring or restoring from another server or restoring after a re-image.

Knowledgebase Article 60,135 views tags: backup cpanel dedicated hosting restore server transfer vps