GoFuckYourself.com - Adult Webmaster Forum

GoFuckYourself.com - Adult Webmaster Forum (https://gfy.com/index.php)
-   Fucking Around & Business Discussion (https://gfy.com/forumdisplay.php?f=26)
-   -   Looking for PCI compliant hosting (https://gfy.com/showthread.php?t=1168514)

BareBacked 06-16-2015 04:29 PM
Looking for PCI compliant hosting
 
Hi there. I require a PCI compliant server.
Can you tell me does your host charge extra for this?? What are the options?

Babaganoosh 06-16-2015 04:42 PM
What level of PCI compliance do you require? If you need a PCI cage or something like that, it's almost always an extra charge. To just make the server itself PCI compliant isn't really that difficult. If you have managed hosting, that should be included in your management services.

The actual PCI scan will be your responsibility however. My only advice there is to avoid trustwave as they want TLS 1.0 completely disabled which isn't practical right now. Disabling weak ciphers is sufficient for other scanners until support for TLS 1.1+ is more common.

BareBacked 06-16-2015 04:53 PM
Quote:
Originally Posted by Babaganoosh (Post 20500084)
What level of PCI compliance do you require? If you need a PCI cage or something like that, it's almost always an extra charge. To just make the server itself PCI compliant isn't really that difficult. If you have managed hosting, that should be included in your management services.

The actual PCI scan will be your responsibility however. My only advice there is to avoid trustwave as they want TLS 1.0 completely disabled which isn't practical right now. Disabling weak ciphers is sufficient for other scanners until support for TLS 1.1+ is more common.
I am not sure the exact "level" the one for accepting credit cards and using netbilling :) I will check on that. I appreciate your input. I do have managed hosting and need some software upgrades basically is all. It seems its not included and I want to hear what others are doing about it

plaster 06-16-2015 05:05 PM
You don't need anything special. You need ssl cert. That is not outdated installed on the domain which you will use to collect card info.

Also, collecting card data and passing it to gateway is the norm. The pci compliance questions your gateway asks to complete should be the short version, about 5 pages max.

You do not store the actual card numbers so you are not obligated to provide the more stringent pci compliance requirements and questions, about 115 pages of questions regarding your policies.

sandman! 06-16-2015 05:46 PM
Most managed providers will charge extra for it because it means a shitload of updates all the time.

Hit me up if your looking for a quote :thumbsup

NETbilling 06-17-2015 12:26 AM
Quote:
Originally Posted by BareBacked (Post 20500078)
Hi there. I require a PCI compliant server.
Can you tell me does your host charge extra for this?? What are the options?
Hi,

We he naked all data storage for you so all you need is an SSL certificate if you are hosting the join/payment pages. Contact our support department for a recommendation. We have a deal with Digicert as well. Send me an email for a recommendation as well if you wish to Mitch at Netbilling.com

Thanks

BareBacked 06-17-2015 10:51 AM
HI Mitch. Thanks for posting. I sent you an email :)

NETbilling 06-18-2015 12:53 PM
Quote:
Originally Posted by BareBacked (Post 20500821)
HI Mitch. Thanks for posting. I sent you an email :)
You bet!


All times are GMT -7. The time now is 07:04 PM.

Powered by vBulletin® Version 3.8.8
Copyright ©2000 - 2025, vBulletin Solutions, Inc.
©2000-, AI Media Network Inc