Today, Google released a security advisory on a vulnerability in SSLv3. Nicknamed POODLE (yes, the dog!), the vulnerability makes it possible to decrypt “secure” HTTP cookies or authentication headers. To exploit this, an attacker could easily cause a connection failure that forces a browser to use SSLv3. Because this security vulnerability has widespread implications, we wanted to share a few tips to secure your site from this issue.
If your site supports SSL 3.0, you can prevent attacks by:
removing SSL 3.0 support
using a service like Cloudflare that disables it by default.