PDA

View Full Version : PCI Compliance



Amy Louise
07-10-2010, 08:03 AM
I tried to go through Trustwave's PCI Compliance and got check marks throughout but my screening test failed. I contacted my merchant provider and asked them for assistance. My agent tried to go through the screening process saying he was curious as to how Trustwave responded to their customers and, apparently, he didn't get results either.

The last message he sent me was:
Ask Miva for their certificate for pci compliance, they should be able to provide you with the certificate number which you can in turn give to Trustwave.

Prior to that, he suggested my hosting company would have a certificate.

Does Westhost have some kind of certificate they can supply? I'll go over to the Miva forum and ask there as well.

Any advice and assistance appreciated.
Thank you,

Amy

wildjokerdesign
07-11-2010, 07:30 AM
I am pretty sure that WestHost is PCI compliant. I spoke with Kyler via chat and he suggested that you submit a support ticket with your pci compliance information and they should be able to find any issues for you and get them resolved.

gcfi
07-27-2010, 01:25 PM
Amy - I too am having a PCI compliance issue. According to my recent PCI compliance scan, the version of phpMyAdmin must be 3.1.3.2 or "or apply the patches referenced in the project's advisory." Also, my scans are showing that MediaWiki must be 1.15.3 / 1.6.0beta2 or later. From what I understood from the move to the new server farm, one reason was to address PCI compliance issues.

trailex
07-28-2010, 02:37 PM
Yes I made the move to 4.0 in hopes it would cure or at least tone down my PCI failure rate it has not, the problem is that I am the middle man talking with the host and the scan company relaying information back and forth, the scan conmpany won't authoirze a false positive westhost can't answer the problem unless it has a cve number, I'm stuck in the middle failing scan after scan, trying to find my own remedies spending valuable time trying to iron this out and understand why I cannot find answers.

I have 11 high issues with open ports, an ssl issue with the cert that scans aport that only shows westhost cert 2087, an httponly issue that I cannot find any information on for zencart, I spend at least 10 hours of my work week dealing with this, as responses come god awful slow days between responses sometimes, I was tols some of the open ports are for control panel and they need to be open by westhost the scan company says close them