Jump to content
  • 0

Payment Gateways & Pci

grunt

Asked by grunt,

 Share

Question

grunt Newbie

grunt

Posted
Posted

Hi,

 

I have read many post here about this. Now I am totally confused. ( A fairly normal state for me.)

 

Do all the gateways require you to be PCI complaint or are there some that do and some that don't?

 

Domain sales, the same questions on the apis?

 

Thanks,

Confused in NC

21 answers to this question

Recommended Posts

  • 0
evolvewh Newbie

evolvewh

Posted
Posted

Hi,

 

I have read many post here about this. Now I am totally confused. ( A fairly normal state for me.)

 

Do all the gateways require you to be PCI complaint or are there some that do and some that don't?

 

Domain sales, the same questions on the apis?

 

Thanks,

Confused in NC

Not all gateways require you to be compliant but it is a good idea to be. The non merchant gateways do not require it and some of the merchant gateways don't, including Stripe, Paypal Payflow Pro and possibly others. When we used Bluepay, we had to be PCI Compliant.

 

Not sure what you mean about the domain sales / api.

  • 0
grunt Newbie

grunt

Posted
  • Author
Posted

Thanks!

 

On the api issue, I was referring to Enom, when a customer buys a domain. I was guessing Blesta had this feature, I haven't used it in years. Sorry for the confusion.

 

Best Regards,

Ed

  • 0
evolvewh Newbie

evolvewh

Posted
Posted

Thanks!

 

On the api issue, I was referring to Enom, when a customer buys a domain. I was guessing Blesta had this feature, I haven't used it in years. Sorry for the confusion.

 

Best Regards,

Ed

No worries. You'll need a reseller account with them and then you can enter your credentials into the Enom modules that comes with Blesta.

  • 0
Max Newbie

Max

Posted
Posted

Not all gateways require you to be compliant but it is a good idea to be. The non merchant gateways do not require it and some of the merchant gateways don't, including Stripe, Paypal Payflow Pro and possibly others.

 

The way Blesta implements things you do need full PCI complaince with all merchant gateways.

 

Whether or not the PSP will actually check you are compliant beforehand is a different question.

However if you are ever compromised and it turns out you were not, things may get expensive.

 

 

Some PSPs also require you to self-certify how you are using them, and may have follow-up questions if you answer that truthfully.

 

post-120-0-42659600-1455665193_thumb.png

 

Note that Blesta does NOT use tokenization clients like stripe.js.

  • 0
Michael Apprentice

Michael

Posted
Posted

Would it be secure to use Blesta on the same box you host sites on or do you need a separate box?

 

Thanks for all the help people!

Ed

 

Blesta is secure anywhere but it's good practice to have Blesta if you can offside incase the server goes down, or your client server is comprised by a Wordpress outdated exploit.

  • 0
Paul Rising Star

Paul

Posted
Posted

Ran install with Configure::errorReporting(-1);

 

Didn't see outputting, and can't find any error log???

 

Thanks!

 

Have you checked that your server meets the minimum system requirements? If you still get a blank page, your php.ini may also have error_reporting completely disabled. Depending on your server, errors would be written to your httpd logs, or a php error log. Normally this would be in /var/log/httpd/ but if you're running cPanel or Interworx the location may be different.

 

I tried visiting the link you PM'd me to your install, but there was no DNS resolution. Is the link correct?

  • 0
grunt Newbie

grunt

Posted
  • Author
Posted

Hi,

I checked the php settings. Error reporting is enabled. All the checks for requirements said they were enabled and correct. The link should be valid again, I changed permissions when I signed off last night.

 

Can find no log entries other than apache_error logs, which shows a lot of hits from 66.xxx.xx.xxx.

 

kindest Regards,

Ed

  • 0
Paul Rising Star

Paul

Posted
Posted

Interesting, when does the blank page occur exactly? What information did you submit when it happened? Do you have port 443 egress open at your firewall? The blank page could be a result of the inability to make an HTTPS request for license check, or, more commonly, there is a MySQL error.

 

What you might try is dropping all the tables in your database if they have been created, and trying the install over again from scratch. You'll also need to remove your config/blesta.php config file and re-upload the blesta-new.php file to that directory.

  • 0
grunt Newbie

grunt

Posted
  • Author
Posted

Hi,

"Interesting, when does the blank page occur exactly?"

As soon as you enter license and login info for the admin account.

 

"Do you have port 443 egress open at your firewal"

443 TCP IN and Out allowed. Not UDP.

 

Will try the rest, thanks,

Ed

  • 0
Michael Apprentice

Michael

Posted
Posted

Lets close it guys, if I can't install it by now, it is probably me. Thanks for everyone's help!

 

Thanks to All!

Ed

 

If you still have issues feel free to PM me and I'll see if I can find the issue for you.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Answer this question...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
×
 Share
Go to question listing
×
×
  • Create New...