Dear Valued Customers,
* * *Only clients hosted on Linux shared hosting servers will be affected ***
Why Exabytes disable SSLV3 on all Linux shared hosting servers?
SSLv3 is vulnerable and obsolete. Poodle Attack allows an attacker to read encrypted information using man-in-the-middle attack.
To protect against attacks on common server applications, the workaround is to disable SSLv3.
What is Poodle Attack?
POODLE (Padding Oracle On Downgraded Legacy Encryption) is a security vulnerability that forces the downgrade of negotiated session protocol to SSLv3.
It interrupt the handshake between the client (browser) and servers (Website) and all major browsers voluntarily downgrade to SSL 3.0 if the handshakes with newer version of TLS fail.
The attacker will exploit the vulnerability in SSLV3 to compromise once the protocol downgrade is successful.
Here is the protocol according to their development year.
SSL 2.0 Year 1995
SSL 3.0 Year 1996
TLS 1.0 Year 1999
TLS 1.1 Year 2006
TLS 1.2 Year 2008
Our team will perform system update, and services SSL cipher update then restart the services.
Clients will not face any downtime during the maintenance.
Technical Support Department