Print Page | Close Window

Security

Printed From: ProductCart E-Commerce Solutions
Category: ProductCart
Forum Name: Using ProductCart
Forum Description: Running your store with ProductCart
URL: https://forum.productcart.com/forum_posts.asp?TID=5617
Printed Date: 10-March-2025 at 2:46pm
Software Version: Web Wiz Forums 12.04 - http://www.webwizforums.com


Topic: Security
Posted By: steverguy
Subject: Security
Date Posted: 20-May-2013 at 2:24pm
So... we get our site scanned every so often for PCI complience.  This time around we failed due to "Web Application Transmits Login Credentials Without Encryption"  regarding http://www.oursite.com/pc/checkout.asp?cmode=1" rel="nofollow - http://www.oursite.com/pc/checkout.asp?cmode=1 .  (that's not really our domain...Big smile).
Our product cart settings are set to go secure when someone registers or logsin.  To be safe, all of my links for logging in include our full domain path, including the https://  - but, if you go to http://www.blahblah.com/pc/checkout.asp?cmode=1" rel="nofollow - http://www.blahblah.com/pc/checkout.asp?cmode=1  directly you can login without it switching to SSL. 
 
Shouldn't this change to ssl regardless of how I navigate to the page?


-------------
"Remember, 72.5% of all statistics are made up."


Replies:
Posted By: Hamish
Date Posted: 20-May-2013 at 3:12pm
Hi Setverguy, yes, we take security very seriously, please raise a support ticket so we can help  identify the issue.

-------------
Editing ProductCart Code?

See http://wiki.earlyimpact.com/developers/editcode" rel="nofollow - WIKI Guidelines for Editing ProductCart's ASP Source Code



Print Page | Close Window

Forum Software by Web Wiz Forums® version 12.04 - http://www.webwizforums.com
Copyright ©2001-2021 Web Wiz Ltd. - https://www.webwiz.net