I just received an email from PayPal stating because of Poodle vulnerability they will discontinue support for SSLV3 using their payment API from 3rd of Dec 2014.
Just wanted to put it out there and ask if anyone knows if this will directly effect the PayPal Payment Pro / Hosted Solution / Express payments integration in Magento 1.9.0.1 (latest)?
If so – anyone have an idea how I can go about fixing the standard paypal modules in magento?
Thanks!
Best Answer
As I understand it (and please correct me if I'm wrong) that it is in fact your hosting company (if on a shared platform) or you yourself if on VPS or Dedicated server for example that would have to disable the SSLv3. Your web host should do this, if they haven't already, and if you are responsible for your own server then I believe you can modify your httpd.conf and add the following;
This will disable v2 and v3 and I believe that TLS is the standard fallback connection.
This is if Apache config so if you are using something else, then the code may change slightly, but hopefully this helps you a little but I would be grateful to hear other peoples input on this too.