
Sysadmin PCI check vulnerabilities

Discussion in 'System Administration' started by Andy, Aug 13, 2020.

  1. Andy

    If you have a merchant account to process payment, you will need to scan and verify your website is PCI compliant every 3 months.
    Failing this will have severe consequences, i.e. stopping payment, higher fees, etc.
    My last PCI scan was in May and passed but I have to scan again today and it failed with several errors. I'm not sure if there are any updates from CMM that caused the difference.
    I hope @eva2000 can help provide some input on how to fix these.

     
  2. Andy

    1. Possible Scan Interference
    Solution: Whitelist the Qualys scanner to scan without interference from the IDS or IPS.

    2. HTTP Security Header Not Detected on port 80 and 443
    Solution