Unencrypted Sensitive Form Detected

For general questions and discussions specific to the AbleCommerce 7.0 Asp.Net product.
Post Reply
crazyjoe
Commander (CMDR)
Commander (CMDR)
Posts: 172
Joined: Mon Apr 26, 2010 2:20 pm

Unencrypted Sensitive Form Detected

Post by crazyjoe » Wed Aug 11, 2010 11:48 am

I'm getting this PCI Compliance error and my host company says it's an issue with AbleCommerce. Has anyone gotten this message on their PCI Compliance reports or have any idea how I could go about fixing it? I am using 7.0.4.
Crazy Joe Sadloski
Webmaster
Hot Leathers Inc.
http://www.hotleathers.com
Top
User avatar
mazhar
Master Yoda
Master Yoda
Posts: 5084
Joined: Wed Jul 09, 2008 8:21 am
Contact:
Contact mazhar

Re: Unencrypted Sensitive Form Detected

Post by mazhar » Thu Aug 12, 2010 3:17 am

Did you configured your store encryption key or not? You didn't mentioned location, so can you provide some more details?
Top
User avatar
mikek
Commander (CMDR)
Commander (CMDR)
Posts: 112
Joined: Wed Oct 15, 2008 9:30 pm
Location: Boston, MA
Contact:
Contact mikek

Re: Unencrypted Sensitive Form Detected

Post by mikek » Thu Aug 12, 2010 9:12 am

We host many AbleCommerce and AspDotNetStorefront sites and we have never had to make any AbleCommerce configuration changes in
order to pass PCI Compliance tests.

It is always the server side configuration that requires PCI Compliance adjustments (including server registry key settings, firewall and application pool settings).
Mike Kolev
Top
User avatar
Logan Rhodehamel
Developer
Developer
Posts: 4116
Joined: Wed Dec 10, 2003 5:26 pm

Re: Unencrypted Sensitive Form Detected

Post by Logan Rhodehamel » Thu Aug 12, 2010 1:53 pm

It might help if you posted what form it is that's being flagged - perhaps you could do it via PM if you are worried about exposing it publicly.
Cheers,
Logan
Image.com

If I do not respond to an unsolicited private message, it's not because I'm ignoring you. It's because the answer to your question is valuable to others. Try the new topic button.
Top
crazyjoe
Commander (CMDR)
Commander (CMDR)
Posts: 172
Joined: Mon Apr 26, 2010 2:20 pm

Re: Unencrypted Sensitive Form Detected

Post by crazyjoe » Mon Aug 30, 2010 9:22 am

Logan, I PM'd you my details and I haven't heard back. I'm swimming in PCI in-Compliance right now and I need your assistance. Can you please see what it setting off my PCI scans?
Crazy Joe Sadloski
Webmaster
Hot Leathers Inc.
http://www.hotleathers.com
Top
User avatar
BryanWarmoth
Lieutenant, Jr. Grade (LT JG)
Lieutenant, Jr. Grade (LT JG)
Posts: 44
Joined: Fri May 23, 2008 11:24 am
Location: Puyallup, Wa
Contact:
Contact BryanWarmoth

Re: Unencrypted Sensitive Form Detected

Post by BryanWarmoth » Tue Oct 05, 2010 5:15 pm

Did you ever find a fix for this problem? We just got the same error on one of our category list pages. :( It is only on one of them though not all of them, which i find a little strange .
Bryan Bingham
Warmoth Guitar Products Inc.
bryan@warmoth.com
http://www.warmoth.com
Top
crazyjoe
Commander (CMDR)
Commander (CMDR)
Posts: 172
Joined: Mon Apr 26, 2010 2:20 pm

Re: Unencrypted Sensitive Form Detected

Post by crazyjoe » Wed Oct 06, 2010 6:48 am

I notified McAfee that they may have found a false positive and it is not on my reports anymore.
Crazy Joe Sadloski
Webmaster
Hot Leathers Inc.
http://www.hotleathers.com
Top
Post Reply

Return to “AbleCommerce 7.0 Asp.Net Shopping Cart”