The problem of the poodle vulnerability on the azure internet
I have a website that runs on Microsoft Azure and has SSL enabled for that website. After the poodle vulnerability issue, I just checked my domain at https://www.poodlescan.com/ and found the domain is vulnerable.
There is no server access in Microsoft Azure and we can only push files using git or FTP or something like that.
So my question is, is there a way to fix this problem? Or does Lazura need to fix this?
source to share
You need to disable SSL 3.0. Take a look here: http://azure.microsoft.com/blog/2014/10/19/how-to-disable-ssl-3-0-in-azure-websites-roles-and-virtual-machines/
UPDATE: Microsoft disabled SSL 3.0 for Azure Websites in December 2014, which resolves the issue. http://azure.microsoft.com/blog/2014/12/09/azure-security-ssl-3-0-update/
SSL 3.0 is disabled on Azure sites. This no longer requires client configuration changes.
source to share