Forestshopkeeper Posted August 2, 2011 Posted August 2, 2011 I am in the process of getting my website PCI compliant. One of the vulnerabilities is Improper Error Handling the error code they don't like is <br /> <b>Warning</b>: Cannot modify header information - headers already sent by (output started at /hsphere/local/home/USER/WEBSITE.com/includes/classes/split_page_results.php:2) in <b>/hsphere/local/home/USER/WEBSITE.com/includes/functions/general.php</b> on line <b>44</b><br /> This is from my several different paths, i.e. /account.php; /lohin.php; /tell_a_friend.php; /checkout_shipping.php; /login.php. I am not sure what the improper error handling is or what I am supposed to do about it. Any Thoughts????
Guest Posted August 2, 2011 Posted August 2, 2011 James, No error is normal, you need to correct the errors before trying to become PCI compliant. Read this to correct it: http://www.oscommerce.com/forums/topic/376276-headers-already-sent/page__pid__1587780#entry1587780 Chris
Forestshopkeeper Posted August 3, 2011 Author Posted August 3, 2011 Thanks for getting back Chris. I was not clear in my problem. I am not getting an error, so I have no error to correct. The problem is that when I am scanned for PCI vulnerabilities, the scan reports I have improper error handling on my website. I don't know what that means. I don't know what the error they are talking about is. I don't know how to correct. Jim James, No error is normal, you need to correct the errors before trying to become PCI compliant. Read this to correct it: http://www.oscommerce.com/forums/topic/376276-headers-already-sent/page__pid__1587780#entry1587780 Chris
Guest Posted August 3, 2011 Posted August 3, 2011 Thanks for getting back Chris. I was not clear in my problem. I am not getting an error, so I have no error to correct. The problem is that when I am scanned for PCI vulnerabilities, the scan reports I have improper error handling on my website. I don't know what that means. I don't know what the error they are talking about is. I don't know how to correct.Jim If you are not seeing the errors, then perhaps your errors have been suppressed. Chris
satish Posted August 3, 2011 Posted August 3, 2011 errors should not be displayed on your site. If you want to see errors then it should be in error logs. Displaying error will let hackers know what your file path system is.Which might give them a greater chance of hacking in. Satish Ask/Skype for Free osCommerce value addon/SEO suggestion tips for your site. Check My About US For who am I and what My company does.
New 
Recommended Posts
Archived
This topic is now archived and is closed to further replies.