Forum Discussion
Brad_Parker
Dec 22, 2014Cirrus
The POODLE vulnerability is only for CBC ciphers. '!SSLv3:RC4-SHA' would result in only RC4 ciphers and exclude SSLv3 which will cover the POODLE vulnerability. The only other issue with this is RC4 is also consider to be weak and soon to be considered insecure. I would recommend upgrading whenever you can to 11.5+ to get access to newer and string cipher such as GCM.