AnsweredAssumed Answered

Disabling SSL2 and SSL3 doesn't improve site overall score

Question asked by dan callum on Jun 30, 2015
Latest reply on Jun 30, 2015 by j-mailor

Hello Forum, I was checking one of the sites for SSL vulnerabilities on and the result showed 'this server support SSL 2' and that that sire is vulnerable to POODLE and FREAK attack and to 'disable SSL 3 to mitigate'. Since the website is running on a Apache server, I followed the instructions here and added SSLProtocol all -SSLv3 -SSLv2 to SSL.conf file. I restarted the httpd service but running the SSLTEST again shows support for SSL 2 and SSL 3. Why is that happening? Do I have to do something else to get this fixed?