Forum OpenACS CMS: "This server is vulnerable to the POODLE attack. If possible, disable SSL 3 to mitigate. Grade capped to C."
[13/Nov/2018:19:32:45][13128.7fbf435fe700][-driver:nsssl_v4:0-] Notice: SSL_shutdown has failed: error:1408F10B:SSL routines:SSL3_G T_RECORD:wrong version number
One should probably deactivate SSLv3 by default (with the cost, that some old SSL clients might fail). I will update the default configuration on bitbucket to the more secure setting.
The security rating of openacs.org (running NaviServer 4.99.17) is A+. You should be able to get the same.