Incapsula network customers are not susceptible to the POODLE vulnerability. Details on the remediation steps we have taken can be found here.
Given the continued risks involved in using SSL v3, and the extremely low volume of SSL v3 connections we see on our network, we have decided to take the additional measure of disabling SSL v3 connections by default, as outlined below.
Next Steps by Incapsula
- Disable SSL v3 connections between Incapsula’s proxies and origin servers.
On Sunday, November 2, Incapsula’s standard weekly deployment will include disabling SSL v3 support for connections between our proxies and all customer origin servers.
Those customers requiring SSL v3 to remain active between Incapsula proxies and their origin server should make that specific request prior to November 2. To do so, please contact Incapsula global support via one of the following channels:
Phone: +1-866-250-7659 (24/7)
- Continue evaluating the impact of disabling SSL v3 for connections between clients and Incapsula proxies, including contacting specific customers who may require further assistance.
Further updates regarding this topic will be provided as needed.