POODLE / SSLv3 on cPanel

Portal Home > Knowledgebase > Articles Database > POODLE / SSLv3 on cPanel

Posted by Bbnuse, 10-15-2014, 04:38 PM
Hi, So, probably everybody knows about the POODLE / SSLv3 vulnerability now. In a cPanel server, is pretty easy to disable it for the webserver (Apache), but what about other browser-based services like Webmail, WHM and cPanel? I've run some test and ports 2096, 2087 and 2083 are vulnerable (443 is not after modifying Apache). Any ideas?
Posted by NetworkPanda, 10-15-2014, 04:44 PM
We already have a discussion for this here http://www.webhostingtalk.com/showth...1420329&page=3 It is possible to disable SSLv3 for cPanel services on ports 2083, 2087, 2096 but this breaks connections to cPanel from all current versions of Firefox, on any operating system, because Firefox does not support TLS connections to ports other than 443. It is a serious bug with Firefox, which will be resolved in November so if you disable SSLv3 for cPanel, your clients will not be able to connect to it with Firefox.
Posted by ServerManagement, 10-16-2014, 11:27 PM
The other thread is really long and may be confusing to many, the mods may want to put the latest fix at the top in the summary of the thread so people don't have to read through pages and pages of back and forth everyone posting a different fix. We've been patching servers since this came out and most go exactly as it should but we have seen some issues on a few.
Posted by suhailc, 11-10-2014, 04:26 AM
Hi, What steps in summary do you advise to implement to protect Cpanel servers?