How to disable SSLv3

One-stop resource on how to effectively disable SSLv3 in major web browsers as well as in web, mail and other servers that may still be using it.

Check the SSL/TLS setup of your server or CDN


Put the following line in your configuration file, or replace any existing line starting with ssl_protocols:

ssl_protocols TLSv1 TLSv1.1 TLSv1.2;

Then restart the server (in Ubuntu: sudo service nginx restart).

Don't forget to test your website.


This page was compiled by Michele Spagnuolo.