On 2014 Oct 25, at 6:33 PM, Mohsin <mohsinchan...@gmail.com> wrote:
>> If you use HTTP "http://"; you are not using SSL/TLS. You are not
>> affected by POODLE, but also not using encryption.
>
> We are using HTTP so we are not affected by POODLE.
>
>
>> If using SSH/TLS, the server does not use serf. Turn off SSL 3.0 in the
>> Apache httpd configuration. No upgrade required, simple configuration
>> change.
>
> Can you tell when SSH/TLS is used ? In my case we are using HTTP protocol.
> How can I disable SSL 3.0 in Apache conf ?
As has been hinted at already, HTTP does not use *any* encryption. In
order to encrypt hypertext file transfers, one would need to set the web server
and clients to HTTPS protocol. Most likely your server is Apache, but in any
case such configuration details are off-topic for this list. Please read up
on, for example, 'man https' or do a web on 'apache configuration'.
sent from Mountain Lion
