Some days you just want to quickly edit a bunch of config files in one go.
One of the reasons I use Ubuntu LTS is that it’s got long term support (<light sarcasm>is that why it’s got LTS in the name?</light sarcasm>) and I make configuration templates that I just reuse in all the places. Poodle was announced and the short of it is that you need to disable the SSLv3 protocol on your web server.
No big deal. Visit your sites-available directory and change “SSLProtocol All -SSLv2” to add “-SSLv3” at the end. 17 times.
*Drinks more coffee and makes that face*
Or you know, run this command after checking you have “SSLProtocol All -SSLv2” in those mod_ssl config files.
sed -i.bak -e 's/SSLProtocol All -SSLv2$/SSLProtocol All -SSLv2 -SSLv3/g' *.conf
The -i.bak is to create unedited copies because bad things do happen to nice people.
Once I made sure that the files were edited I ran these commands to restart the web server and test.
service apache2 restart openssl s_client -connect blog.dembowski.net:443 -ssl3
I promptly saw this line.
140496364975776:error:1409E0E5:SSL routines:SSL3_WRITE_BYTES:ssl handshake failure:s3_pkt.c:596:
And all was right in the world. I deleted the .bak files and finished my coffee.
Comments by Jan Dembowski
New Life for old 3D Printers
I'm a little late in replying but that print surface? ...
This is not a Gutenberg Review, It’s a Blog Post
Oh, as someone who supports WordPress users in the forums ...
This is not a Gutenberg Review, It’s a Blog Post
That's fantastic. ;) The Classic Editor and at least one ...
This is not a Gutenberg Review, It’s a Blog Post
The blockquote tag works in the HTML comments here if ...
This is not a Gutenberg Review, It’s a Blog Post
It's not about popular belief. And WordPress is 100% open-source ...