As you may know that a security vulnerability was recently published on the web. This vulnerability affects version 3.0 of the SSL(Secure Sockets Layer) protocol. It basically allows someone to gain access to a connection that was assumed secure previously.
Since SSL 3.0 is not the only option to secure a connection PayPal has finally decided to disable it. This is to make sure that PayPal users are not impacted by it at all.
How It Affected My WordPress Shop
My server could not connect to PayPal via SSL 3.0, which lead to “payment validation” error for all the incoming orders of my online shop. Fortunately, my store is run by WP eStore e-commerce plugin. They patched an update as soon as this error was reported. So I did not lose many sales and got my online store running very quickly.
How to Prevent This Issue
If you are currently using SSL 3.0 you should consider
- updating to TLS, (it also provides a secure standard connection). You will need to connect to PayPal Endpoints using TLS 1.0 or 1.2 to update it.
- issuing new API credentials for security purposes.
If you are not aware of this issue or unsure whether you are using SSL 3.0 you can do a test purchase in Sandbox mode to find out.