I wrote about “POODLE” issue on the last post. After that, I suddenly got worried about cURL on WordPress because I read SSLv3 fallback attack POODLE.
Though I found a following option at curl_setopt,
curl_setopt( $handle, CURLOPT_SSLVERSION, CURL_SSLVERSION_TLSv1);
I couldn’t get where I should add it among WordPress Core Scripts. So, I made a topic on WordPress Forums…I’m waiting answers.
Edit(Oct.26):
I just made the topic [resolved]. Because I got the result that my cURL exactly uses TLSv1.2 by %{SSL_PROTOCOL} on the Apache log. I don’t need CURL_SSLVERSION_TLSv1 on the file class-http.php. If the SSL sever has appropriate configurations, clients can access it safely if their software components have the abilities required.
Clap clap, (*´▽`*).
The recipe for sweet potato yōkan that I often made this fall. Ingredients Sweet potato…
After a long time, when I checked broken links and fixed them, I got an…
I made a box, so I prepare the contents. Theme and Plugins. The theme is…
Hehe, it's been almost a year since my last post. I received a notification email…
About a week ago, I finally started to renew my sites, which I had been…
This website uses cookies.