One-stop resource on how to effectively disable SSLv3 in major web browsers as well as in web, mail and other servers that may still be using it.
Lighttpd releases before 1.4.28 allow you to disable SSLv2 only.
If you are running at least 1.4.29, put the following lines in your configuration file:
ssl.use-sslv2 = "disable" ssl.use-sslv3 = "disable"
Then restart the server (in Ubuntu: sudo service lighttpd restart).
Don't forget to test your website.