[BlueOnyx:04498] Re: PCI scans -trying again without the report

Doug Harvey dwh1958 at gmail.com
Sat May 15 15:24:43 -05 2010 

I have to agree with Jeff on this one. I too went through the PCI nightmare,
the server(s) that are running my site are on a Unix platform (not shared)
and it still took 3-4 months of work on my end and working with the hosting
company to get the 99.9% PCI compliance that I wanted.  It was a lot of work
and I was fortunate to have good people at the hosting company and the
merchant provider I use working with me, giving me tips and so on.

Bottom line is this.

#1) The only information that my database stores is the obvious
name/address, etc and the first four digits of the CC number.

#2) If I have to issue a partial or full refund for any reason, the code
that I wrote into the site will communicate directly with the merchant using
transaction numbers to do any extra processing.

#3) If the customer is a recurring customer, (i.e. monthly charge) I can set
that up at the merchant's web site so I do not have to mess around with a
monthly charge.

It's just good business sense to have good hosting & merchant services to
get a good PCI report.

Last, but not least, I signed up with both McAfee and Comodo to do my scans
so there wasn't any doubt when I faxed my reports to Visa/merchant provider
that I had passed and that the reports were valid.

Doug




On Sat, May 15, 2010 at 11:47 AM, webmaster <webmaster at oldcabin.net> wrote:

>
>
> Hay Ralf,
>
> The moderator held the post with the report.
> I posted another email saying I would post the report if someone wanted it.
>
> Jeff was so kind to reply requesting the report so I have sent
> another email with that link.  Thank you Jeff
>
> Thank you SOOOOOOOOOOOOOOOOO.  much for your help.
>
>
>
> >Are you serious?
> >How do you expect to get any serious feedback if you do not actually
> >provide any info about (like the report you said you attached but
> >that simply didn't show up)?
> >
> >Ralf
> >
> >_______________________________________________
> >Blueonyx mailing list
> >Blueonyx at blueonyx.it
> >http://www.blueonyx.it/mailman/listinfo/blueonyx
>
> _______________________________________________
> Blueonyx mailing list
> Blueonyx at blueonyx.it
> http://www.blueonyx.it/mailman/listinfo/blueonyx
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.blueonyx.it/pipermail/blueonyx/attachments/20100515/0e0e2759/attachment.html>

More information about the Blueonyx mailing list