Page 1 of 1
Unencrypted Sensitive Form Detected
Posted: Wed Aug 11, 2010 11:48 am
by crazyjoe
I'm getting this PCI Compliance error and my host company says it's an issue with AbleCommerce. Has anyone gotten this message on their PCI Compliance reports or have any idea how I could go about fixing it? I am using 7.0.4.
Re: Unencrypted Sensitive Form Detected
Posted: Thu Aug 12, 2010 3:17 am
by mazhar
Did you configured your store encryption key or not? You didn't mentioned location, so can you provide some more details?
Re: Unencrypted Sensitive Form Detected
Posted: Thu Aug 12, 2010 9:12 am
by mikek
We host many AbleCommerce and AspDotNetStorefront sites and we have never had to make any AbleCommerce configuration changes in
order to pass PCI Compliance tests.
It is always the server side configuration that requires PCI Compliance adjustments (including server registry key settings, firewall and application pool settings).
Re: Unencrypted Sensitive Form Detected
Posted: Thu Aug 12, 2010 1:53 pm
by Logan Rhodehamel
It might help if you posted what form it is that's being flagged - perhaps you could do it via PM if you are worried about exposing it publicly.
Re: Unencrypted Sensitive Form Detected
Posted: Mon Aug 30, 2010 9:22 am
by crazyjoe
Logan, I PM'd you my details and I haven't heard back. I'm swimming in PCI in-Compliance right now and I need your assistance. Can you please see what it setting off my PCI scans?
Re: Unencrypted Sensitive Form Detected
Posted: Tue Oct 05, 2010 5:15 pm
by BryanWarmoth
Did you ever find a fix for this problem? We just got the same error on one of our category list pages.
It is only on one of them though not all of them, which i find a little strange .
Re: Unencrypted Sensitive Form Detected
Posted: Wed Oct 06, 2010 6:48 am
by crazyjoe
I notified McAfee that they may have found a false positive and it is not on my reports anymore.