Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

Security Issues


lacuna

Recommended Posts

I would like to know if customer's information are secured.

 

If it is not, what should we do to secure them?

 

Can someone point me where I can find security features of osCommerce

 

Thank you

Link to comment
Share on other sites

Customer's details are stored in the database. It is your ISP's responsibility to ensure they have locked down the MySQL server properly to prevent unauthorised access.

 

Names and addresses are stored "as is" in the db. Sensitive customer information (account passwords) are encryted before they are stored.

 

The only really sensitive information that matter are credit card details. OSC does not store credit card information in it's database - instead this info is encrypted (at either 128-bit or 256-bit strength) and sent to the payment gateway for processing through a secure connection.

 

To ensure secure connections are enabled, set ENABLE_SSL to 'true' in the configure.php file.

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...