GoFuckYourself.com - Adult Webmaster Forum - View Single Post

Babaganoosh · 06-16-2015, 04:42 PM

What level of PCI compliance do you require? If you need a PCI cage or something like that, it's almost always an extra charge. To just make the server itself PCI compliant isn't really that difficult. If you have managed hosting, that should be included in your management services.

The actual PCI scan will be your responsibility however. My only advice there is to avoid trustwave as they want TLS 1.0 completely disabled which isn't practical right now. Disabling weak ciphers is sufficient for other scanners until support for TLS 1.1+ is more common.

06-16-2015, 04:42 PM
Babaganoosh ♥♥♥ Likes Hugs ♥♥♥ Industry Role: Join Date: Nov 2001 Location: /home Posts: 15,841	What level of PCI compliance do you require? If you need a PCI cage or something like that, it's almost always an extra charge. To just make the server itself PCI compliant isn't really that difficult. If you have managed hosting, that should be included in your management services. The actual PCI scan will be your responsibility however. My only advice there is to avoid trustwave as they want TLS 1.0 completely disabled which isn't practical right now. Disabling weak ciphers is sufficient for other scanners until support for TLS 1.1+ is more common. __________________ I like pie.