Results 1 to 21 of 21
  1. #1
    Join Date
    Jan 2003
    Posts
    674

    Question Need to use my credit card for upgrade payment, no SSL, will it be safe?

    Hello all,

    I signed up e-insites, and I plan to upgrade through there control panel cwipanel. Problem is I noticed they require me the whole credit card number and CW2 numbers, is this safe?

    I asked them about this and they said that due to how the control panel was made, this is not possible....

    What do you guys think?

    Scout

  2. #2
    Join Date
    Dec 2003
    Location
    Boston, MA
    Posts
    608
    without SSL, Ouch!!! I would call them and give the numbers over the phone before I typed anything in an unsecured area.
    Axcelx Technologies - James
    Boston Colocation | Boston VPS
    Massachusetts Server Colocation, Dedicated Servers & VPS

  3. #3
    Join Date
    Aug 2003
    Location
    Vancouver, BC
    Posts
    1,894
    The fact that you are asking means you shouldn't. If you don't feel safe then don't use that option to purchase. Fax it or phone it in.
    Gary Jones

    BlueFur.com - Canada Web Hosting

  4. #4
    Join Date
    Feb 2003
    Location
    Kuala Lumpur, Malaysia
    Posts
    4,980
    Even with SSL, some people think that it is insecured. A business without SSL, its BS. I won't even try it.

  5. #5
    Join Date
    Sep 2002
    Location
    Pittsburgh, PA U.S.A.
    Posts
    163
    Absolutely Not Safe!

    Good luck,
    Scott
    ~Scott Bannon
    BanProNET - A Different Kind Of Network - Affiliate Program
    7 Locations On 3 Continents | Building Today With Thinking For Tomorrow

  6. #6
    Join Date
    Nov 2003
    Location
    United States
    Posts
    1,233
    I would not try it at all. Like UltraUnixNET stated, a business without SSL is BS.

  7. #7
    Hey Scout,

    We have another place to do this. Log in at https://www.e-insites.com/support/

    We have not made the control panel SSL ready as yet. We will have certs installed on the panel this week.

    Regards,
    Alvin Slocombe
    E-Insites - "Web services, simplified."

  8. #8
    Join Date
    Jan 2003
    Posts
    674
    Where? I only update in billing information and ticket support...

    and you mean you already set that up on the control panel knowing its not secure? what if someone who has no Exp, logs in and signs up?

    I know occurences like these are rare, but man it can kill!

  9. #9
    We did our panel much like CPanel, on non standard ports, and with no billing stuff on it. It will work with SSL and always could, it just has not had a certificate installed on it as yet. The certs will be installed by Monday.

    If someone knew your username and password to be able to log in, then there just having an SSL cert on the site would not matter since they have the username and password. The only way to log in is with these usernames and passwords. We store those on servers that are not public servers and only seen on our internal network.
    Alvin Slocombe
    E-Insites - "Web services, simplified."

  10. #10
    Oh, whoops forgot to reply about the renew account link. Apparently it is not on that site, so wait until Monday for the certs to be installed. They may be done by tomorrow as well. I will let you know.
    Alvin Slocombe
    E-Insites - "Web services, simplified."

  11. #11
    Join Date
    Jan 2003
    Posts
    674
    Well, I submitted my credit card info onto your secured trouble ticket through the billing department, please check. thanks..

  12. #12
    Join Date
    Apr 2003
    Location
    Las Vegas, NV -- USA
    Posts
    296

    Re: Need to use my credit card for upgrade payment, no SSL, will it be safe?

    Originally posted by Scout
    Hello all,

    I signed up e-insites, and I plan to upgrade through there control panel cwipanel. Problem is I noticed they require me the whole credit card number and CW2 numbers, is this safe?

    I asked them about this and they said that due to how the control panel was made, this is not possible....

    What do you guys think?

    Scout
    NO!

    Not only is it not safe, it is against VISA and MasterCard regulations for them to be accepting card information in this manner. If they are too cheap to buy an SSL certificate, I doubt very much they have any other security measures in place.
    --Steve (blog)

    Shift4 Corporation -- Secure payment processing

  13. #13
    Hi Steve,

    When did this post become about us being cheap. That was certainly uncalled for. We have over 20 SSL certs for our sites and servers. It was just that the control panel for resellers mistakenly had billing stuff integrated before we had the SSL installed on the control panel sites for resellers. Also if you actually read the post you would see that we contacted the customer and replied to them and let them know it would be solved, so the post needed no more input.
    Alvin Slocombe
    E-Insites - "Web services, simplified."

  14. #14
    Join Date
    Apr 2003
    Location
    Las Vegas, NV -- USA
    Posts
    296
    Originally posted by alfturtle
    When did this post become about us being cheap. That was certainly uncalled for.
    Sorry for the reference to cheap and I should have read the entire chain prior to posting. In my defense, most threads related to no SSL cert boil down to someone not wanting to spend the money to get a cert and if they don't think a cert is worth the price, how much value do they place on overall security?

    Anyway, sorry for the reference to cheap.

  15. #15
    Join Date
    Jan 2003
    Posts
    674
    Hi alfturtle, your support still insisted that I go to the control panel to upgrade my account, can you please check on that? Coz I really need more IP's by monday ASAP...

    thanks

  16. #16
    Join Date
    Nov 2002
    Location
    ON, Canada
    Posts
    290
    I agree, no SSL, not safe to provide your Credit Card #.

  17. #17
    Join Date
    Mar 2002
    Location
    In My Own World
    Posts
    973
    Originally posted by ScottBannon
    Absolutely Not Safe!

    Good luck,
    Scott
    Absolutely.

    Why would someone think of doing billing without SSL?

    Tracy Phillips

  18. #18
    Hey Scout,

    Email me at alvin@e-insites.com, with your resellerId and I will give you the secure link for your account.
    Alvin Slocombe
    E-Insites - "Web services, simplified."

  19. #19
    Join Date
    Sep 2002
    Location
    Top Secret
    Posts
    14,135
    I agree:
    If you're asking, then most definitely NO, do NOT post your credit card number on that specific site.

    There's no rules too strict when dealing with CC information. CC theft is no laughing matter, not at all.
    Tom Whiting, WHMCS Guru extraordinaire
    Linux problems? WHMCS Problems? Give me a shout
    Check out my WHMCS Addons

  20. #20
    Join Date
    Nov 2003
    Location
    on the 'net
    Posts
    1,187
    I think it's ridiculous that your hosting company would even think of asking for CC info on a non-secure page. Even if they intend to "install SSL by Monday". They never, ever should have allowed that form into the wild without SSL!

    I agree with another poster - if they do this, what else do they do with your personal information?

  21. #21
    We never asked for the information without SSL. As I mentioned before they all sign up via SSL, and no one has had to renew before, and it was an oversight that the SSL was not on the panel for those who wanted to renew.

    We dealt with this with the client, and this has been blowed up to be something that it is not.
    Alvin Slocombe
    E-Insites - "Web services, simplified."

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •