I’m curious too. All of our site’s images are hosted on S3 to take the delivery weight off our server. I’m guessing most people that use this plugin are doing the same for their WordPress sites.
It seems like only the client (person browsing from an old unpatched for POODLE browser) would be affected and possibly not see images.
Any comment from Brad Touesnard on this issue? I have a number of buckets on AWS which are uploaded to using the AWS S3 and Cloudfront plugin.
Would be good to get a word from the author on this issue as the revised deadline is looming.
We are investigating the issue and we’ll have more information available soon.
Hi,
I spoke directly to AWS technical support and I want to share what I’ve learned.
In a nutshell, if your customers are accessing your S3 data via a modern web browser, everything is ok and no changes required on your end 🙂
== Response from AWS: ==
AWS will be removing the ability for S3 clients to negotiate SSLv3 connections to the global S3 endpoints (not the buckets).
Going forward, for secure connections S3 clients will be required to support TLS 1.0 and above, TLS has been the standard for many years now.
There are no changes required to be made by you with respect to the bucket, bucket properties or URLs accessing the buckets.
This change will not impact most current, up-to-date web browsers and applications as all modern web browsers, SDK’s and API’s now support TLS 1.x.
If you received an email from us listing effected buckets, then those buckets were accessed by at least 1 client at least 1 time using SSLv3 as the communication protocol with in the last month.
Thanks TrueThemes!
Glad to know it won’t be the apocalypse!
