***Security***: API server configuration changed

Hi,

this issue affects anybody who uses our public HTTPS API[1]: A security problem has been published today that forced us to change the configuration of our API server. Support for SSLv3 had to be disabled. If you’re embedding a form in your website to check text with our HTTPS API, you might need to change the proxy.php file on your website. In proxy.php, remove the following line:

curl_setopt($curl, CURLOPT_SSLVERSION, 3);

If that line does not get removed, your text form will probably not work, because the proxy script cannot connect to our API server anymore. In case your proxy.php file doesn’t have that line and the text form works anyway, everything is okay and you don’t need to do anything.

Technical details about the security problem are available at [2].

Regards
Daniel

[1] Public HTTP Proofreading API - LanguageTool Wiki
[2] Google Online Security Blog: This POODLE bites: exploiting the SSL 3.0 fallback