diff options
| author | jim-p <jimp@pfsense.org> | 2014-10-15 08:40:36 -0400 |
|---|---|---|
| committer | jim-p <jimp@pfsense.org> | 2014-10-15 08:41:11 -0400 |
| commit | 29be59ad8ed25830f4e50a89977aca53ad8a29f4 (patch) | |
| tree | 5304c371a0abf994660b036252ce968a26acb749 | |
| parent | 07c24bf190658ec675f19d36204d3a5185c6e0fc (diff) | |
| download | pfsense-29be59ad8ed25830f4e50a89977aca53ad8a29f4.zip pfsense-29be59ad8ed25830f4e50a89977aca53ad8a29f4.tar.gz | |
Tame the poodle. Disable SSLv3.
| -rw-r--r-- | etc/inc/system.inc | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/etc/inc/system.inc b/etc/inc/system.inc index c40376c..a1ea489 100644 --- a/etc/inc/system.inc +++ b/etc/inc/system.inc @@ -1152,6 +1152,7 @@ EOD; // Harden SSL a bit for PCI conformance testing $lighty_config .= "ssl.use-sslv2 = \"disable\"\n"; + $lighty_config .= "ssl.use-sslv3 = \"disable\"\n"; /* Hifn accelerators do NOT work with the BEAST mitigation code. Do not allow it to be enabled if a Hifn card has been detected. */ $fd = @fopen("{$g['varlog_path']}/dmesg.boot", "r"); |
