News:

You may pay someone to create your store, or you visit our seminar and become a professional yourself with the silver certification

Main Menu

Does the Authorize.net AIM plugin meet 2016 AN Requirements?

Started by mronayne, April 19, 2016, 20:11:33 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions

mronayne

April 19, 2016, 20:11:33 PM
I've been receiving notices from Authorize.net about upcoming changes to their APIs and security cipher.
I am running version 3.0.6.4 of the Authorize.net AIM plugin now - does it meet the most current requirements of Authorize.net?

Here is the part about the RC4 Cipher:

RC4 Cipher Disablement
In an effort to ensure that all server-to-server communications with the Authorize.Net platform (both transactional and otherwise) maintain the highest levels of security, we will be disabling the RC4 cipher suite in the sandbox on April 29, 2016, and in the production environment on May 31, 2016.

If you have a solution that relies on RC4 to communicate with our servers, please update it to a current, high-security cipher as soon as possible. Please review our API best practices blog post for more information.

This is important to know...

sohopros

#1
April 19, 2016, 21:08:38 PM
We got the same notice and are wondering about this as well.  Anyone?

neo314

#2
April 21, 2016, 19:37:30 PM
I have the same question for version 2.0.12f using the full domain url for connection.

GJC Web Design

#3
April 21, 2016, 20:04:50 PM
Quote2.0.12f

vm2.0.12f ?????

if so wouldn't worry.. you'll be hacked long before the requirement..  ;)
GJC Web Design
VirtueMart and Joomla Developers - php developers https://www.gjcwebdesign.com
VM4 AusPost Shipping Plugin - e-go Shipping Plugin - VM4 Postcode Shipping Plugin - Radius Shipping Plugin - VM4 NZ Post Shipping Plugin - AusPost Estimator
Samport Payment Plugin - EcomMerchant Payment Plugin - ccBill payment Plugin
VM2 Product Lock Extension - VM2 Preconfig Adresses Extension - TaxCloud USA Taxes Plugin - Virtuemart  Product Review Component
https://extensions.joomla.org/profile/profile/details/67210
Contact for any VirtueMart or Joomla development & customisation

neo314

#4
April 21, 2016, 22:10:54 PM
Quote from: GJC Web Design on April 21, 2016, 20:04:50 PM
Quote2.0.12f

vm2.0.12f ?????

if so wouldn't worry.. you'll be hacked long before the requirement..  ;)

Thanks, that is really helpful.

For what it is worth, the site runs 2.0.22a but the plugin reports 2.0.12f, and the client has to want to upgrade. Nothing comes for free.

Studio 42

#5
May 01, 2016, 18:20:54 PM
Hi Neo,
GJC Web Design want to inform you, that in all case your shop is obsolete and if some changes are done in the code, this is certainly not vm 2.0.12 compatible(or you are lucky).
This was a little Joke, but a more standard answer is.
"Please update to VM 3.0.14 and Joomla 3.5, you release is not maintained anymore since End 2015 and have vulnerabilities"

GJC Web Design

#6
May 01, 2016, 22:01:38 PM
QuoteNothing comes for free.

I am commissioned to fix at least 1-2 hacked  sites a week..  believe me.. it costs much more in time and downtime and lost sales than an upgrade to the latest stable/secure...
Even in your case to bring it to the last J2.5 with patch and VM2.6.22 would IMHO be enough...

But leaving it on 2.0.x is just ... well.. u know my opinion
GJC Web Design
VirtueMart and Joomla Developers - php developers https://www.gjcwebdesign.com
VM4 AusPost Shipping Plugin - e-go Shipping Plugin - VM4 Postcode Shipping Plugin - Radius Shipping Plugin - VM4 NZ Post Shipping Plugin - AusPost Estimator
Samport Payment Plugin - EcomMerchant Payment Plugin - ccBill payment Plugin
VM2 Product Lock Extension - VM2 Preconfig Adresses Extension - TaxCloud USA Taxes Plugin - Virtuemart  Product Review Component
https://extensions.joomla.org/profile/profile/details/67210
Contact for any VirtueMart or Joomla development & customisation
Print
Go Up Pages1
User actions