Announcement

**EdHarrison** · 11-Sep-2024, 08:43 AM

A week later and nothing from support, just fail reminders from security metrics...

**Mantra** · 11-Sep-2024, 07:11 PM

Have you downloaded the scan report and sent this as an attachment to support for information / attention concerning the fails flagged up?

The report should include an explanation for each of the fails with suggestions on sources for guidance on action needed to resolve them.

**EdHarrison** · 11-Sep-2024, 11:28 PM

Hi Martin,.
Yes all done a week ago, hopefully they'll fix it soon, surely I can't be the first with sellerdeck hosting to have a PCI scan?

It worries me that the hosting I pay a lot for in the 365 package is not currently PCI compliant.

**Mantra** · 09-Oct-2024, 08:28 PM

Hi Ed
Did you get the scan fails resolved and were they all related to hosting?
Also were these new fails that were not flagged up by a previous Security Metrics 90 day scan run?

**EdHarrison** · 09-Oct-2024, 08:35 PM

Unfortunately it is an issue related to Sellerdeck hosting and support are aware but have said it could be some time.

This was my first scan in a few years as using PayPal it wasn't required until PCI 4.0 came in.

I am concerned as it is a Month now without it being resolved.

**zgap111** · 10-Oct-2024, 09:17 AM

The first two should be resolved fast (do a quick Google and you can see the fixes are simple)

but the 3rd one... we used to be on a shared host (not Sellerdeck) and our host would not change that setting
as it would affect customers with versions of Sellerdeck/Actinic that doesn't support Secure FTP.

(You can do a ip search that shows what domains are hosted on it - can give you an idea of the situation)

**EdHarrison** · 10-Oct-2024, 09:37 AM

Thank you, I pay a lot for the complete 365 package from Sellerdeck covering hosting and support so hopefully they will resolve this soon, I am concerned being non compliant.

That said I do think the whole PCI and GDPR thing is blown up, it's become an industry in itself.

**mje** · 10-Oct-2024, 10:22 AM

Originally posted by EdHarrison View Post

Thank you, I pay a lot for the complete 365 package from Sellerdeck covering hosting and support so hopefully they will resolve this soon, I am concerned being non compliant.

That said I do think the whole PCI and GDPR thing is blown up, it's become an industry in itself.

Wondering if a Sellerdeck site, upto date version , on Sellerdeck hosting, using ClearAccept as sole payment gateway would be compliant out of the box?

**EdHarrison** · 10-Oct-2024, 10:28 AM

I don't believe so as their hosting is the issue

**zgap111** · 10-Oct-2024, 01:10 PM

I'm sure they can... It's quite simple...

They can setup/move everyone using v18 Sellerdeck onto SecureFTP / PCI compliant / up-to-date server(s)
- if the IP address can't be maintained, then just the DNS record(s) needs updating

I seem to have this bookmarked
https://search.dnslytics.com/search?...&q=81.29.88.81
I think the IP was the Sellerdeck 365 server we used to be on

Announcement

Pci 4.0 scan fail

Pci 4.0 scan fail

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment