
Sysadmin PCI check vulnerabilities

Discussion in 'System Administration' started by Andy, Aug 13, 2020.

  1. Andy

    If you have a merchant account to process payment, you will need to scan and verify your website is PCI compliant every 3 months.
    Failing this will have severe consequences, i.e. stopping payment, higher fees, etc.
    My last PCI scan was in May and passed, but I have to scan again today and it failed with several errors. I'm not sure if there are any updates from CMM that caused the difference.
    I hope @eva2000 can help provide some input on how to fix these.
     
  2. Andy

    1. Possible Scan Interference
    Solution: Whitelist the Qualys scanner to scan without interference from the IDS or IPS.

    2. HTTP Security Header Not Detected on port 80 and 443
    Solution