vulnerable to POODLE

How can I detect if my website is vulnerable to POODLE?

You can use Nmap to check if your site is vulnerable to POODLE by supporting SSLv3.

nmap --script ssl-enum-ciphers -p 443 ghost2.eu.saecas.com

If it is and you are running Apache you can disable SSLv3 in your virtual host by add the line

SSLProtocol All -SSLv2 -SSLv3

For more information and Nginx and other services please see http://askubuntu.com/questions/537196/how-do-i-patch-workaround-sslv3-poodle-vulnerability-cve-2014-3566.

 

mysqladmin flush-hosts

After entering the wrong MySQL password I receive the message “ERROR 1129 (HY000): Host is blocked because of many connection errors; unblock with ‘mysqladmin flush-hosts'” and can no longer log in, what can I do?

Connect to MySQL from another host and run the SQL command “flush hosts”. If you have phpMyAdmin installed on the MySQL server you can also connect from your current host, the connection will be seen as coming from localhost.