aliaspt Posted October 30, 2014 Share Posted October 30, 2014 Many of you who use Authorize.net may have received a message from them saying that transactions will no longer be processed if the website/store uses allows SSL v3 (due to vulnerability to POODLE attacks). Does anyone know how to disable SSL v3 on a shared server? I have been exchanging emails with my hosting company for 2 days but they refuse to do anything and keep saying that it's my (non-existent) programmer or developer who needs to fix this. The hosting company also said this: "When your developer wrote the code to send transactions to Authorize.net they had to create connections to Authorize.net. There are multiple ways of doing this, the most common is through a PHP module called PHP cURL. When using cURL one of the options you can set is the SSL version to use." Where is this PHP cURL module? Thank you in advance! Link to comment Share on other sites More sharing options...
safa Posted October 30, 2014 Share Posted October 30, 2014 find curl connection code and find to this code curl_setopt($ch, CURLOPT_SSLVERSION, 3); replace curl_setopt($ch, CURLOPT_SSLVERSION, 0); your problem will be solve.. Link to comment Share on other sites More sharing options...
aliaspt Posted October 30, 2014 Author Share Posted October 30, 2014 Where do I find this code? Thank you! find curl connection code and find to this code curl_setopt($ch, CURLOPT_SSLVERSION, 3); replace curl_setopt($ch, CURLOPT_SSLVERSION, 0); your problem will be solve.. Link to comment Share on other sites More sharing options...
safa Posted October 30, 2014 Share Posted October 30, 2014 in your Authorize.net module files. your module is paid or free ? Link to comment Share on other sites More sharing options...
aliaspt Posted October 30, 2014 Author Share Posted October 30, 2014 Oh, it is a paid module. I contacted the module developer and he said that it's the hosting company that needs to change settings. in your Authorize.net module files. your module is paid or free ? Link to comment Share on other sites More sharing options...
aliaspt Posted October 30, 2014 Author Share Posted October 30, 2014 This is the code I found in the module: curl_setopt($request, CURLOPT_SSL_VERIFYPEER, FALSE); Does it need to be changed? Thank you. Oh, it is a paid module. I contacted the module developer and he said that it's the hosting company that needs to change settings. 1 Link to comment Share on other sites More sharing options...
safa Posted October 30, 2014 Share Posted October 30, 2014 contact the module developer again and show him tis topic . he will be understand. Link to comment Share on other sites More sharing options...
aliaspt Posted October 30, 2014 Author Share Posted October 30, 2014 OK, thank you. contact the module developer again and show him tis topic . he will be understand. Link to comment Share on other sites More sharing options...
Recommended Posts