davet Posted July 11, 2011 Share Posted July 11, 2011 I'm required by one of my merchant providers to become PCI Compliant. I passed the scan but now have some Tasks that I need to complete. One of them is as follows: ============================== PCI Milestone 2 - Network Protection All systems that store card holder data must be protected from the external network and direct public access by a DMZ and the firewall configured to only allow outbound traffic from payment applications to IP addresses within the DMZ. ============================== Should I assume that if I am using WHMCS and storing customers' credit card info then I will not be able to be PCI compliant? Is there any way of setting up WHMCS to store credit card info and still be PCI compliant? 0 Quote Link to comment Share on other sites More sharing options...
mylove4life Posted July 11, 2011 Share Posted July 11, 2011 this really has nothing to do with WHMCS more than it does with your system and network. Are you hosting it yourself or in a data center? 0 Quote Link to comment Share on other sites More sharing options...
GGWH-James Posted July 11, 2011 Share Posted July 11, 2011 PCI Compliance 0 Quote Link to comment Share on other sites More sharing options...
davet Posted July 11, 2011 Author Share Posted July 11, 2011 this really has nothing to do with WHMCS more than it does with your system and network. Are you hosting it yourself or in a data center? I host WHMCS on a dedicated cPanel server at the data center Hivelocity. 0 Quote Link to comment Share on other sites More sharing options...
davet Posted July 11, 2011 Author Share Posted July 11, 2011 PCI Compliance Thanks but I don't see any info about storing cc info within a DMZ zone. It appears that in order to be PCI compliant I need to store credit card data on a non-external server. Stored credit card info needs to be stored on a server within a DMZ zone which would require me to host a separate server for MySQL services. It appears I cannot host the MySQL data (credit card data) on the cPanel server which handles HTTP requests for WHMCS. Instead I will need to bring another server online which is in a DMZ zone accessible only from my external facing cPanel server. How does everyone else host their MySQL data for WHMCS? Do you have 2 separate servers to run WHMCS? One for Apache and one for MySQL services? 0 Quote Link to comment Share on other sites More sharing options...
mylove4life Posted July 11, 2011 Share Posted July 11, 2011 A dmz zone is really just the front face interent zone.... 0 Quote Link to comment Share on other sites More sharing options...
davet Posted July 11, 2011 Author Share Posted July 11, 2011 A dmz zone is really just the front face interent zone.... Ok thanks. I was under the impression the DMZ was not front face internet. Thanks for the reply. 0 Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.