Technical Support Forums

Free, outstanding support from WebAssist and your colleagues

› WebAssist Forums › eCart › eCart General / Announcements › Poodle SSL 3 0 Vulnerability - all our transactions are failing as of this morning (PayPal Payments Pro)

View all replies to this thread

Poodle SSL 3 0 Vulnerability - all our transactions are failing as of this morning (PayPal Payments Pro)

Thread began 11/18/2014 4:10 pm by Nathon Jones Web Design | Last modified 11/19/2014 1:02 pm by Nathon Jones Web Design | 1325 views | 5 replies

11/19/2014 9:58 amJason ByrnesWebAssist

We do not set the protocol to use for sending the transaction to PayPal through cURL, this means it will use the hosts default protocol.

The Poodle vulnerability will only encountered if your host has SSLV3 s3et as the default protocol for cURL communications.

you should have your host disable SSLv3 for the cURL library and set TLS as the fall back.

more information on the Poodle vulnerability can be found here:
http://chrisburgess.com.au/how-to-test-for-the-sslv3-poodle-vulnerability/

To get information on the cause of the failure, add the following in the body section of the failure page:

<?php @session_start(); var_dump($_SESSION); ?>

this will write the session contents to the page including the gateways response. the gateways response will contain information on why the transaction failed.

Build websites with a little help from your friends

Your friends over here at WebAssist! These Dreamweaver extensions will assist you in building unlimited, custom websites.

Build websites from already-built web applications

These out-of-the-box solutions provide you proven, tested applications that can be up and running now. Build a store, a gallery, or a web-based email solution.