Made to Order Software Corporation Logo

server

PHP eFax requires "ssl://" on RedHat EL7 and Ubuntu

We found out today that RedHat LE7 requires the use of the "ssl://" protocol instead of the default "tls://". The error we are getting from PHP looks like this:

PHP Warning:  stream_socket_client(): SSL operation failed with code 1. OpenSSL Error messages:
error:1409442E:SSL routines:ssl3_read_bytes:tlsv1 alert protocol version in .../lib/http_request.php on line 294
PHP Warning:  stream_socket_client(): Failed to enable crypto in .../lib/http_request.php on line 294
PHP Warning:  stream_socket_client(): unable to connect to tls://secure.efaxdeveloper.com:443 ...

SMS From Me Service

SMS From Me Logo SMS From Me is a service offered by Made to Order Software Corporation that allows registered users to automatically send SMS whenever they receive a lead in their funnel.

This solution lets you sends SMS message from your phone, which means that you start a conversation with your prospect.

PHP e-Fax requires valid SSL certificates (failed with code 1)

As e-Fax is updating their systems further to be compliant with various security systems, some new problems may arise on your servers.

The main one is an SSL error that is quite unclear.

Warning: stream_socket_client(): SSL operation failed with code 1. OpenSSL Error messages: error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed in /path-to-php-efax/http_request.php on line 294

As we can see, the error mentions a server certificate function and says it could not verify a certificate.

If your server is not 100% up to date with newest SSL versions or your web ...

Make sure your Thunderbird does not use SSL to avoid POODLE attack

A few days ago the news that SSLv3 was no good came out. The protocol allows for patterns that can be used by a hacker to decipher an encrypted message without the need for the private key. In other words, encryption using SSLv3 is no good (anymore--it never was, but we know this only now.)

We fixed our Apache2 settings, for those interested, you just have to turn off SSLv3 with the following setting:

SSLProtocol all -SSLv2 -SSLv3

Although to really remove all the encryption methods that are not that secure (can easily be cracked) you also want to change the list of ciphers with:

 ...

CAPTCHA is not working against all robots anymore but...

No Junk Mail written on the mailbox window of this door.

Also many reCAPTCHAs are being bypassed, it still work against many robots, although newer robots use Artificial Intelligence and they are quickly able to bypass most of the reCAPTCHAs.

At some point, the main reason for the bypass was the fact that some people were getting paid to resolve those reCAPTCHAs. In other words, some people were offered the job to do just that! They go to a computer, resolve many reCAPTCHAs and get paid something like 2 cents per successful resolutions. The result is that websites with reCAPTCHAs still receive a lot of spam!

In 2017, it looks like such ...

Security Issue in many mail systems

It always amazes me when one finds a security issue that looks like something that should never have happened in the first place.

This one was found earlier this year by Wietse Venema who first discovered the issue in Postfix.

He fixed the Postfix server quickly, however, he went further. He actually tested many other servers sending commands that bypass that very security measure and to his surprised he found out that Postfix wasn't the only system affected by the problem.

For those interested, all the details of the problem can be found on the Postfix website as CVE-2011-411.

A ...

Upgrade to PHP 5.3.3 or newer because of security issue

If you are responsible for a Debian or Ubuntu server and run PHP on it, make sure to run the following command to fix several security issues found in PHP:

sudo apt-get install php5-suhosin

This will make the necessary and your PHP version (security wise) will look like you have PHP 5.3.3.

What I found quite annoying in regard to this issue is the fact that it was very difficult to find a mention of this upgrade. All I could find in large number were people saying that you'd have to get an upgrade using the source code of PHP. Somehow, I did not feel like upgrading PHP from ...

MobileKey global settings

The MobileKey module comes with the following settings. These settings are found here:

Administer » Site configuration » MobileKey

Front Page Redirect

Since you generally give one URL to your users, your home page (called Front Page in Drupal), it can be practical to send Mobile phone users to a special URL so when they access your site they see a better adapted front page than the usual.

The settings accept a local path (i.e. mobile) or a full path (i.e. http://mobile.example.com/).

Note that this gives you a way to use the ThemeKey capability to change the theme of all ...

MobileKey addition to ThemeKey

The main idea of MobileKey is to give you the capability to switch your website theme to a mobile specific theme when the user access your site from one's mobile phone. A mobile theme will make it easier to access your website on a mobile device.

For go to the ThemeKey settings page:

Administer » Site configuration » ThemeKey

The MobileKey adds one selection to the list of attributes to match. The new selection is called:

mobile:device

This works everywhere on your website (it is a global option, not specific to any kind of pages.) The system checks different parameters to

Protected Node Password Field set

Once installed and properly configured, the Protected node module adds a field set in the node edit form (assuming the user has the corresponding permission: "edit any password" or "edit password <node type>".)

Password field set sample.This field set includes two flags, a password, and emails (optional.)

By default, the field set is closed unless you selected protected by default. Whether the field set should be opened or closed can selected in the node type settings.

The <node type> is protected

The first check box is used to password