I have a virtual Debian web server running apache 2.2.22 with an ssl enabled vhost. I am trying to disable SSLv3 and no matter what I do there seems to be no change when I rescan the website with Comodo or SSL labs. I have tried editing:
... by either adding or changing the existing parameters for:
SSLProtocol all -SSLv3 -SSLv2
And after every change I run service apache2 restart
I also grep'd the /etc/apache2 directory for those ssl variables thinking they were coming from somewhere else but they are not.
Ultimately I am trying to switch the site over to TLS and dump SSLv3 but I just can't make an impact...