As of Dec 3 2014 PayPal will be disabling SSL 3.0 v3 what does this mean for your website if your using PayPal as your payment gateway? Well your going to have to update to TLS and also disable SSL3.0 v3 on your web server as well. POODLE was released with the CVE identifier of CVE-2014-3566. The vulnerability is much like heart bleed that was discovered early this year. It allows a middle man to read unencrypted information such as passwords, credit cards and other secure data in a plain text format.
A simple way of testing your server to see if it running the command in your terminal:
openssl s_client -connect mywebsitehere.com:443 -ssl3
You will need to change mywebsitehere.com to your website name. If you see this:
routines:SSL3_READ_BYTES:sslv3 alert handshake failure
You are safe from the vulnerability. Otherwise you are not and need to update your web server ASAP. This means disabling SSLv3 on all your applications and flippling over to TLS. Here at Red Cherry we make sure we are up on the latest vulnerabilitys to make your software or website are unlikley to be exposed to any threats.
Categories
Testimonial
"Red Cherry was a fantastic firm to work with for our web design and SEO needs. From the initial quote, through scoping, design, and final product, the process with Dan and the entire team was excellent. We needed to take our website to a more polished level, and keep lots of key functionality, including specific tools to our industry - Red Cherry was able to do it all! Highly recommend their approach and work product."
Recent Work
Northfront Insurance strives to clearly under stand your needs & how the products... we offer can effectively protect you and your family.
