From fe256f3be7abef6a87827816699849cef0b08e72 Mon Sep 17 00:00:00 2001 From: Mike Almond Date: Wed, 15 Oct 2014 11:22:09 -0400 Subject: [PATCH] Add note about POODLE attack against SSLv3 --- h5bp/directive-only/ssl.conf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/h5bp/directive-only/ssl.conf b/h5bp/directive-only/ssl.conf index 2ad6236..222880f 100644 --- a/h5bp/directive-only/ssl.conf +++ b/h5bp/directive-only/ssl.conf @@ -1,4 +1,4 @@ -# Protect against the BEAST attack by not using SSLv3 at all. If you need to support older browsers (IE6) you may need to add +# Protect against the BEAST and POODLE attacks by not using SSLv3 at all. If you need to support older browsers (IE6) you may need to add # SSLv3 to the list of protocols below. ssl_protocols TLSv1 TLSv1.1 TLSv1.2;