
Forum Moderators: buckworks


E-commerce Security: SSL

Novice Needs Familiarity With SSL and more



9:54 pm on Sep 21, 2007 (gmt 0)

5+ Year Member

Hi All,

I am creating a web site that will accept payment via credit cards and I have no idea the kind of security that will be required to make this as safe as it can possibly be.

I need to know what to do in this regard.

I am also creating a backend database for registering and to login members/users.

I have been reading up on SSL, which I think I could use to secure all data between my MySQL database and my web clients.

Will I need to get in touch with a CA for this?

If anyone can direct me to a good web resource or article, or maybe even an e-book that deals with this kind of stuff, I would be grateful.

Thanks in advance for your time.

All suggestions welcomed.


6:56 pm on Sep 30, 2007 (gmt 0)

10+ Year Member


If you are planning to become a service provider that handles Credit Card data, then you really want to read up on the Payment Card Industry Data Security Standards (PCI DSS).

Basically, there are a whole bunch of security requirements that you need to comply with or face losing your merchant customer's card processing rights and possibly exposing yourself to legal action and/or fines.

Decent overview on Wikipedia:

Official home of the standards organization:


8:01 am on Oct 2, 2007 (gmt 0)

WebmasterWorld Senior Member rocknbil is a WebmasterWorld Top Contributor of All Time 10+ Year Member

PCI Compliance Guide [pcicomplianceguide.org]

If, however, you plan on using a secure gateway to process credit cards, and not store credit card information on your server, PCI compliance is not your issue; it is the gateway provider's responsibility.

What you will need is an SSL cert installed on your server so you can connect to the gateway; they will refuse connections from non-secure locations.

