Plesk Nginx Poodle Vulnerability Fix

Hello Guys,

 

I happened to work on a client’s Plesk server running Nginx on frontend, where I was asked to fix the recent Poodle vulnerability. I had difficult time to figure out the fix, and I don’t want others to face the same. Hence, created this post.

 

Step1: Open the Plesk’s Nginx configuration located at /etc/nginx/plesk.conf.d/server.conf and  edit the ssl_protocols line to the one below.

ssl_protocols TLSv1 TLSv1.1 TLSv1.2;

Then edit the same ssl_protocols entry on below Plesk configuration updater files,

/usr/local/psa/admin/conf/templates/default/nginxWebmailPartial.php

/usr/local/psa/admin/conf/templates/default/nginxDomainVirtualHost.php

/usr/local/psa/admin/conf/templates/default/nginxDomainVhost.php
/usr/local/psa/admin/conf/templates/default/domain/nginxDomainVirtualHost.php

 

and then run the below command.

Step2:

[root@pleskNginx1]#/usr/local/psa/admin/bin/httpdmng --reconfigure-all
[root@pleskNginx1]/etc/init.d/httpd restart

Thanks for viewing helpinlinux.com

Leave a Reply

Protected by WP Anti Spam