Announcement

Collapse
No announcement yet.

Our store failed PCI compliance

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Our store failed PCI compliance

    We recently failed PCI compliance. Does 3dcart have a fix for the new vulnerabilities discovered by McAfee?
    We failed on the following two high risk areas:

    1) Sensitive Cookie Missing 'HTTPONLY' Attribute

    2) mailing list sensitive information not encrypted

    Updates?

  • #2
    Mine failed last month too, for the first time, but I submitted a ticket and it was promptly taken care of. New scan was fine.

    Comment


    • #3
      It's just frustrating that 3dcart code is not a global implementation. Each store has unique code.
      Why would customer service need to know what failed in the McAfee scan? Should not EVERY 3dcart store fail the same scan?
      Why would one store fail and another not?
      Surely I'm not the only store that has McAfee running PCI compliance scans against it?!

      Comment

      Working...
      X