Ansible Playbook - Fix POODLE SSLv3 vulnerability - updated

/images/ansible_badge.png

Debian and CentOS Apache web servers:
 
---
- hosts: []
  sudo: yes
  tasks:
  - name: Fix SSL on Debian Wheezy
    replace: dest=/etc/apache2/mods-available/ssl.conf
      regexp='^SSLProtocol.*$'
      replace='SSLProtocol All -SSLv2 -SSLv3'
    notify: restart apache2
    when: ansible_os_family == 'Debian' and ansible_distribution_release == 'wheezy'

  - name: Fix SSL on Debian Jessie
    replace: dest=/etc/apache2/mods-available/ssl.conf
      regexp='^\tSSLProtocol.*$'
      replace='SSLProtocol All -SSLv2 -SSLv3'
    notify: restart apache2
    when: when: ansible_os_family == 'Debian' and ansible_distribution_release == 'jessie'

  - name: Fix SSL CentOS servers
    replace: dest=/etc/httpd/conf.d/ssl.conf
      regexp='^SSLProtocol.*$'
      replace='SSLProtocol All -SSLv2 -SSLv3'
    notify: restart httpd
    when: ansible_os_family == 'RedHat'

  handlers:
    - name: restart apache2
      service: name=apache2 state=restarted

    - name: restart httpd
      service: name=httpd state=restarted