Forum Discussion

Cirrostratus

Oct 29, 2014

Poodle Mitigation but can't disable SSLv3

Reading some of the recent articles it appears the recommendation is to force RC4 for all SSLv3 connections. Have any of you encountered any client issues doing so? Also wondering if anyone is usin...

Cirrostratus

Nov 07, 2014

For anyone interested, I'm using the irule below. The SSLv3 enabled profile only allows SSLv3 with RC4. The other profile has SSLv3 disabled.

when CLIENT_ACCEPTED {
if { [class match [IP::client_addr] equals "sslv3_allowed"] } {
SSL::profile sslv3_enabled
} else {
SSL::profile sslv3_disabled
}
}
when HTTP_REQUEST {
SSL::renegotiate
}

JRahm
Admin
Nov 07, 2014
nice work!

Forum Discussion

Poodle Mitigation but can't disable SSLv3

Recent Discussions

What happens if I only enable ASM in BIG-IP Under System > Resource Provisioning

What is the meaning is 52% block in WAF

Rundeck ansible F5 errors

rewrite Azure AD response for portal access via web portal

AS3 Monitoring multiple ports selectively

Related Content

SSLv3 POODLE mitigation recommendations

CitrixBleed Mitigation CVE-2023-4966

F5 Distributed Cloud L3-L7 DDoS Mitigation

Mitigating OWASP API Security risks using BIG-IP

Mitigating OWASP API Security Top 10 risks using F5 NGINX App Protect