ProductCart Shopping Cart Software Forums : Security

ProductCart Shopping Cart Software Forums : Security https://forum.productcart.com/ Copyright (c) 2006-2013 Web Wiz Forums - All Rights Reserved. Sat, 11 Apr 2026 14:35:16 +0000 Mon, 20 May 2013 15:12:18 +0000 http://blogs.law.harvard.edu/tech/rss Web Wiz Forums 12.04 360 https://forum.productcart.com/RSS_post_feed.asp?TID=5617 <![CDATA[ProductCart Shopping Cart Software Forums]]> https://forum.productcart.com/forum_images/pc_logo_50.png https://forum.productcart.com/ <![CDATA[Security : Hi Setverguy, yes, we take security...]]> https://forum.productcart.com/security_topic5617_post21305.html#21305 Author: Hamish
Subject: 5617
Posted: 20-May-2013 at 3:12pm

Hi Setverguy, yes, we take security very seriously, please raise a support ticket so we can help identify the issue.]]> Mon, 20 May 2013 15:12:18 +0000 https://forum.productcart.com/security_topic5617_post21305.html#21305 <![CDATA[Security : So... we get our site scanned...]]> https://forum.productcart.com/security_topic5617_post21304.html#21304 Author: steverguy
Subject: 5617
Posted: 20-May-2013 at 2:24pm

So... we get our site scanned every so often for PCI complience. This time around we failed due to "Web Application Transmits Login Credentials Without Encryption" regarding http://www.oursite.com/pc/checkout.asp?cmode=1. (that's not really our domain...

Our product cart settings are set to go secure when someone registers or logsin. To be safe, all of my links for logging in include our full domain path, including the https:// - but, if you go to http://www.blahblah.com/pc/checkout.asp?cmode=1 directly you can login without it switching to SSL.

Shouldn't this change to ssl regardless of how I navigate to the page?

]]> Mon, 20 May 2013 14:24:16 +0000 https://forum.productcart.com/security_topic5617_post21304.html#21304