As we always disable SSLv2 in Apache. Now it is SSLv3 turn. The recent news about the SSL 3 vulnerability is so important that I have to disable it as well.

So just modify the ssl.conf of Apache

[ssh]SSLProtocol All -SSLv2 -SSLv3[/ssh]

The web site still has TLS 1.0, TLS 1.1 and TLS 1.2. For most of the browser working on the users computer, TLS is good enough. The only exception is IE 6.0 on Windows XP.

I am not worrying about it. Just forget the users who are still using IE 6.


Refer to Security Labs article.


David Yin

David is a blogger, geek, and web developer — founder of If you like his post, you can say thank you here

Leave a Reply

Your email address will not be published. Required fields are marked *