Rackspace is tracking an industry-wide security issue broadly referred to as “POODLE,” (Padding Oracle On Downgraded Legacy Encryption) (http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-3566). This is a vulnerability affecting the SSLv3 protocol, and a number of Rackspace customers may be impacted. At this time, we are not aware of any attacks attempting to leverage the vulnerability, but we’re closely monitoring the situation.
Rackspace is taking all relevant actions to protect our infrastructure, and we are encouraging our customers to do the same. We recommend that our customers disable SSLv3 at both the server and client layers. Please note, doing so can create compatibility impacts for legacy infrastructure and user experience. For example, disabling SSLv3 on the server side may cause usability impacts for site visitors using Internet Explorer 6 running on Windows XP. We strongly suggest that you conduct thorough testing to ensure continued operability.
If you have any further questions or need any assistance, please contact a member of your Fanatical Support team.