
Colin

PCI compliance is a nightmare

by on 22-03-2010 at 07:56 PM (911 Views)
Well, what a crazy past few days. I have been working not only on updating our PCI compliance, since our site is on multiple servers, but also on trying out the different PCI compliance providers. So far I have tried 2 main suppliers:

McAfee Secure

Hackerguardian

Now, we have had PCI compliance for a few months on a couple of servers and on our site; however, keeping software up to date is a nightmare. I will give an example: one site tells me that PHP is out of date, the other that it's fine (PHP ver 5.2.13). I have problems with vBulletin on one site but not on the other, dwmail on one but not the other; the list goes on. I will detail below the software that failed on one and not the other.
  • vBulletin
  • Dwmail
  • Mailman
  • Idevaffiliate
  • Joomla
  • PHP
  • Apache
  • Kayako (nightmare)
That's just the important ones. I have had to use mod_rewrite to make all logins secure with SSL, changed the way some of the scripts interact with the server, and LOADS more.

All this to make sure that the business and ecommerce accounts will now have the option of gaining full PCI compliance at a fraction of the price of the major competition, 2 of whom have been detailed above.

All in all, I would thoroughly recommend having a bash at trying to get your site/server PCI compliant in a 4 day timeframe. I will tell you now, it will drive you to drink.

Right, I am off for a G&T, cheers.
