PCI Compliant Hunting Apparel Store
YEARS ON CS-CART
Jackpykeshop is a hunter apparel store that came to us for upgrades, continued with PCI compliance tweaks, and now is hosted on a regular basis with our DevOps&SRE team.
The store is based on the CS-Cart Ultimate platform, has 6 active storefronts, all upgraded with us to include new features and keep them up and running.
Upgrade the store to the latest version
Make the store PCI compliant
Implementing the project
Here we’ll tell you how we customized the project to improve its efficiency and functionality.
Making the store PCI compliant
Edmund, the business owner, asked us about PCI compliance: PayPal threatened to impose restrictions on his website account due to non-compliance with the PayPal security requirements. He ordered a check of his server from the Trustwave service. Successful completion of the check is necessary for PayPal to give the permission to accept payments.
Until a certain point, PCI Compliance problems were solved by applying changes in the settings on the hosting side, but every year PayPal (and the certifying bodies cooperating with them like Trustwave) are becoming stricter about security, so in a certain period of time, some components of CS-Cart itself were required to be rewritten to meet the requirements.
Requests came one after another, scan tests were becoming better with every modification, but still pass points were not enough to fully comply. Edmund asked us for a dedicated development team that could take on the issue entirely. Despite the small package of development hours, the guys did a good job. While doing the work, changes had to be made in such a way that compatibility with existing components/security of other parts of the system would not be compromised. The guys did their job just in time, the client managed to keep the integration with the payment system.
Upgrading to the latest version
Upgrading was an imperative need of the store to capture significant changes made since version 4.10. Edmund wanted to optimize the number of storefronts, update the PHP version, and keep all the modifications done to get the most out of the upgrade. That is just what we did:
- We checked the server set-up
- Updated PHP from version 7.0 to version 7.3 to exclude any vulnerability and close security gaps
- Checked that SSL certificate is up to date
- Kept all add-ons compliant with the newest platform version
- Checked the StoreFeeder API modification to keep its compliance with the new CS-Cart version
- Ensured the same stock levels as in the ERP system connected to the store
An upgraded PCI compliant store that can accept PayPal payments