The problem of the poodle vulnerability on the azure internet

Question

The problem of the poodle vulnerability on the azure internet

I have a website that runs on Microsoft Azure and has SSL enabled for that website. After the poodle vulnerability issue, I just checked my domain at https://www.poodlescan.com/ and found the domain is vulnerable.

There is no server access in Microsoft Azure and we can only push files using git or FTP or something like that.

So my question is, is there a way to fix this problem? Or does Lazura need to fix this?

+3

azure azure-web-sites

itzforu Oct 20 '14 at 8:10

source to share

1 answer

Svein Fidjestøl · Answer 1 · 2014-10-20T08:12:59+0000

~~You need to disable SSL 3.0. Take a look here: http://azure.microsoft.com/blog/2014/10/19/how-to-disable-ssl-3-0-in-azure-websites-roles-and-virtual-machines/~~

UPDATE: Microsoft disabled SSL 3.0 for Azure Websites in December 2014, which resolves the issue. http://azure.microsoft.com/blog/2014/12/09/azure-security-ssl-3-0-update/

SSL 3.0 is disabled on Azure sites. This no longer requires client configuration changes.

The problem of the poodle vulnerability on the azure internet

More articles: