
Thread: PCI Compliance

  1. #1
    Join Date
    Mar 2007
    Location
    USA
    Posts
    4,904

    PCI Compliance

    Why? Why? Of all things...is THIS the most stressful part of the business? I just don't get it. All the scans are junk.

    How has someone not made a tutorial on how to build a basic PCI Compliant web server with LAMP on CentOS 5.5? How?

  2. #2
    Join Date
    Jun 2009
    Location
    California
    Posts
    509
    Have you completed the PCI DSS Self-Assessment Questionnaire?

    Working through the SAQ will tell you exactly what you need to do to be in compliance.

    It shouldn't be stressful; the requirements are relatively straightforward, and for the most part a well-organized security policy should already cover most of the areas (change vendor defaults, only enable necessary services, use SSL, and so on).

  3. #3
    Join Date
    Mar 2007
    Location
    USA
    Posts
    4,904
    Quote: Originally posted by MikeJohnson
    Have you completed the PCI DSS Self-Assessment Questionnaire?

    Working through the SAQ will tell you exactly what you need to do to be in compliance.

    It shouldn't be stressful; the requirements are relatively straightforward, and for the most part a well-organized security policy should already cover most of the areas (change vendor defaults, only enable necessary services, use SSL, and so on).
    Yeah, it wasn't too terrible. Turned out the guy I hired didn't know what he was doing, which is why it was stressful.

    I found some time the other day, provisioned a test server with CentOS, got everything the way I wanted myself, and passed the scan. Took a whole 40 minutes. Wasn't too bad.

  4. #4
    Join Date
    Jun 2005
    Location
    New York
    Posts
    2,882
    There are a number of management companies that can help get you PCI compliant; you may want to look into using one of them for help.

  5. #5
    Join Date
    Jun 2009
    Location
    California
    Posts
    509
    Quote: Originally posted by Noppix
    Turned out the guy I hired didn't know what he was doing
    That's all too common, unfortunately. Glad you were able to get everything worked out.
