How to Disable SSLv3 for Exim and Protect Your WHM/cPanel Server from POODLE

Your Guide to POODLE and WHM/cPanel
I. How to Disable SSLv3 for Apache and Protect Your WHM/cPanel Server from POODLE
II. How to Disable SSLv3 for Exim and Protect Your WHM/cPanel Server from POODLE

There’s a new POODLE in town, but unfortunately it’s not the kind of pooch you want around. POODLE stands for Padding Oracle On Downgraded Legacy Encryption. It’s an exploit that, although not considered to be as serious as Heartbleed, is one that should still be protected against. For more information read the Google Blog.

Fortunately, protecting your WHM/cPanel server is easy. Just follow the steps below:

Step 1: Navigate to the Include Editor

Shortcut:

WHM => Service Configuration => Exim Configuration Manager => Advanced Editor

Details:

First login to WHM and use the search functionality to search for Exim.

Then click on Exim Configuration Manager:

How to Disable SSLv3 for Exim and Protect Your WHMcPanel Server from POODLE

Next click on the Advanced Editor tab:

How to Disable SSLv3 for Exim and Protect Your WHMcPanel Server from POODLE

Step 2: Edit the Includes

Shortcut:

Add additional configuration setting => add “openssl_options” and “+no_sslv3” => Save

Details:

Find the SECTION: Config and then scroll to the end of that section looking for the Add additional configuration setting button.

How to Disable SSLv3 for Exim and Protect Your WHMcPanel Server from POODLE

In the first blank box add:

openssl_options

In the second blank box add:

+no_sslv3

How to Disable SSLv3 for Exim and Protect Your WHMcPanel Server from POODLE

The scroll down to the very bottom of the page and click the Save button.

How to Disable SSLv3 for Exim and Protect Your WHMcPanel Server from POODLE

Be Sociable, Share!
Here's $75, Launch a New VPS Today. Find out why 30,000 customers have chosen our Best-in-Class Performance & 24x7 Heroic Support.