How to disable SSLv3

One-stop resource on how to effectively disable SSLv3 in major web browsers as well as in web, mail and other servers that may still be using it.

Web browsers

Chrome and Chromium
Firefox
Safari
Internet Explorer
Opera

Web servers

Apache
IIS
Nginx
Lighttpd

Mail servers

Sendmail
Postfix
Dovecot
Courier

Other

Java
NodeJS
OpenVPN
Puppet
HAProxy

Safari

Apple has released Security Update 2014-005, which disables CBC-mode ciphers in coordination with SSLv3. The patch is available for Mac OS Mavericks, Mountain Lion, and Yosemite, and once you updated no action is needed on your part.

Internet Explorer

To disable SSLv3 in Internet Explorer:

  1. Open Internet Options from the Start menu
  2. Click the Advanced tab
  3. Uncheck Use SSL 3.0
  4. Confirm by clicking OK

If you have an older version of Windows, such as Windows XP, make sure it is at least patched with SP3 to be able to access sites with SSLv3 disabled.

Credits

This page was compiled by Michele Spagnuolo.