Disable SSL 3.0 in Apache

Configuring Apache to Disable SSL v 3.0 The Apache HTTP Server is configured by placing directives in plain text configuration files. The main configuration file is usually called httpd.conf, and it is easy to update the Apache web server to disable SSLv3 (and thus protect your websites » Continue Reading.

POODLE Flaw Grows Bigger: TLS Affected

POODLE SSL / TLS You probably remember hearing about the POODLE vulnerability back in October when Google engineers first publicly released information about it. POODLE stands for Padding Oracle On Downgraded Legacy Encryption and basically allows for a Man-in-the-Middle (MitM) attack. Originally, it was thought to » Continue Reading.

SSL.com Announces SHA-2 SSL Support

Microsoft, Google and Mozilla have all announced various plans to stop supporting SHA-1 SSL certificates after January 1, 2017. As a result, SSL.com began issuing SSL certificates using only SHA-2 (aka SHA-256) as the default hashing algorithm starting September 24, 2014. There are no special flags » Continue Reading.