Made to Order Software Corporation Logo

Alexis Wilke's blog

PHP eFax requires "ssl://" on RedHat EL7

We found out today that RedHat LE7 requires the use of the "ssl://" protocol instead of the default we use of "tls://".

If you have a RedHat server, please make sure to edit the http_request.php file and search for "tls:". Then replace it with "ssl:".

The TLS protocol is defined in RedHat, but somehow it looks like PHP does not define it. The stream_socket_client() function returns immediately with an $errno = 0 and $errstr = "" and absolutely no other indications to what is wrong when that happens.

So in our PHP eFax, you need to do that ...

The set_fax_id() function PHP e-Fax must be given unique IDs, each time.

Fax button on an old type of fax machine

The PHP eFax system uses a class that ease the communication between your software and eFax. The developer system is not too complicated, but there are tricks to it and the class hides most of them.

Today a customer contacted us as they just purchased a copy of our PHP library and had problems sending faxes. The fact is that they used the set_fax_id() function with a hard coded string. Imagine doing something like:

$efax->set_fax_id("Test Fax");

This looks pretty good, only after the second time the sending of the fax will fail because eFax considers that it was already ...

PHP e-Fax requires valid SSL certificates (failed with code 1)

As e-Fax is updating their systems further to be compliant with various security systems, some new problems may arise on your servers.

The main one is an SSL error that is quite unclear.

Warning: stream_socket_client(): SSL operation failed with code 1. OpenSSL Error messages: error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed in /path-to-php-efax/http_request.php on line 294

As we can see, the error mentions a server certificate function and says it could not verify a certificate.

If your server is not 100% up to date with newest SSL versions or your web ...

Make sure your Thunderbird does not use SSL to avoid POODLE attack

A few days ago the news that SSLv3 was no good came out. The protocol allows for patterns that can be used by a hacker to decipher an encrypted message without the need for the private key. In other words, encryption using SSLv3 is no good (anymore--it never was, but we know this only now.)

We fixed our Apache2 settings, for those interested, you just have to turn off SSLv3 with the following setting:

SSLProtocol all -SSLv2 -SSLv3

Although to really remove all the encryption methods that are not that secure (can easily be cracked) you also want to change the list of ciphers with:

 ...

Another reason to like SeaMonkey!

As I mentioned before, I like to use SeaMonkey. In general, browsing wise, it is very much like Firefox so that's good for those people who like Firefox, they can switch without losing much else than the location where the toolbar buttons are (Quite a few are in different places).

The thing I discovered today, though, is really cool. I put a path to an email saved on my disk to see whether the HTML in that email was valid or not and it loaded at once. Just before hitting Enter I though, wait... I probably should remove the email header. Nope. No need. It actually recognized the data and ...

CAPTCHA is not working against all robots anymore but...

Also many reCAPTCHAs are being bypassed, it still work against robots.

The main reason for the bypass is the fact that some people get paid to resolve those reCAPTCHAs. In other words, some people are offered a job to do just that! They go to a computer, resolve many reCAPTCHAs and get paid something like 2 cents per successful resolutions. The result is that websites with reCAPTCHAs still receive a lot of spam!

Yet, when a stupid robot (opposed to a person) access the site, the robot tries again and again from the same computer. This means we'll get many failures from the same IP ...

US Zip Code overlay on Google Maps

Today I had a need to find out a set of zip codes that would match a delivery area for one of my customers. I was wondering how could I find out all the zip codes over a given area...

Searching a little bit I found a website named zipmap which actually does just that. The entire US is covered and you can navigate it just like you navigate a regular Google Map view. Very practical!

You can easily move around, zoom in and out, and you even see the map with street names in the background.

Bad Google Indexing "Secure" Pages...

About a week ago I got a customer who started having their website appear in Google with HTTPS (the secure version of the site.) The pages are served securily, but it uses our website certificate so you get a big bad error saying that everything is broken and if you proceed you'll know what hell is like.

"This Connection is Untrusted" by FireFoxThe fact is that this customer never had a secure certificate. In other words, there is no reason for the site to have been referenced with HTTPS unless someone typed a link to their site and inadvertendly entered https://... instead of http://...

I checked a few of the pages where there ...

Alan Turing Centenary

Starting tomorrow, Jun 23, 2012, many countries are to celebrate the centeray birth year of Alan Turing. Alan created the Turing machine concepts and formalized algorithm and computation that are now in use in all our computers (including your portable phone and your electronic watch.)

He actually participated to the creation of the first electronic computer during second world war in England. His algorithms and knowledge of cryptography gave him the necessary skills to crack the encoding of the German Enigma Machine (a form of printer that would encode messages with a level of complexity too ...

Getting Rid of Deactivated Facebook Friends

I was slowly nearing 5,000 friends when all of a sudden I had 5,089!

Wondering what was happening, a post on the Blackhat World forum caught my eye as someone mentioned the fact that he had 5,700 friends. The answer was that deactivated friends do count (they are counted as part of your friends even though they do not have an account anymore!)

I went on asking how I could get find those and you actually simply have to look at your list of friends and deactivated accounts have no picture and no "Friend" button to the right. The following picture shows you what I'm talking ...

Syndicate content Syndicate content