iltdevunit 0 Report post Posted October 16, 2014 I've just read up on the latest SSL attack:https://threatpost.com/new-poodle-ssl-3-0-attack-exploits-protocol-fallback-issue/108844 The patches I've seen so far are for Apache on Linux or IIS on Windows. Does anyone know how to apply the fix to Uniserver Zero i.e. Apache on Windows? Quote Share this post Link to post Share on other sites
Ric 0 Report post Posted October 17, 2014 Edit file C:\UniServerZ\core\apache2\conf\extra\httpd-ssl.confLocate this section: #== SSL Cipher Suite: SSLProtocol -all +TLSv1 +SSLv3 SSLCipherSuite HIGH:MEDIUM:!aNULL:+SHA1:+MD5:+HIGH:+MEDIUMReplace with: #== SSL Cipher Suite: SSLProtocol all -SSLv2 -SSLv3 SSLHonorCipherOrder on SSLCipherSuite AES256+EECDH:AES256+EDHNote: Above added starting from Uniform Server 11.4.0-ZeroXI All the bestRic Quote Share this post Link to post Share on other sites