PCI Compliance Support
Having difficultly passing your compliance scans or even understanding what is wrong?
Every company who takes credit cards on-line is facing PCI Compliance scans from scan vendors such as Trustwave. The problem with scan results is that they are impossible to read and even more difficult to resolve the issues noted in the results. Often times companies give up trying to obtain compliance simply because it is too time consuming to be compliant. This is a dangerous and irresponsible path to take.
- Do you need technical help interpreting a security vulnerability scan report?
- Do you need a second opinion?
- Do you need help filling out your PCI Questionnaire?
MagicAngel Hosting offers servers that can pass Trustwave's PCI compliance scans and we will help you submit any disputes required for you to fully pass your compliance scan. We will log into your portal and resolve all of your issues for you. If we can, we will make changes to your website to meet compliance. For example, forms should not allow autofills. We can disable autofills on your logins.
What do we do that is different?
PCI Compliance is the responsibility of every web host, but unfortunately, being PCI Compliant is not very customer friendly, so many hosts simply do not even try to comply with PCI compliance standards.
- We have disabled SSLv3 (POODLE compliance) for HTTP, and FTP. (This breaks many FTP programs)
- We require AUTH_TLS for FTP. (This breaks a whole bunch more FTP programs)
- We offer TLS 1.2 for clients (This is better for security)
- We offer 4096 Bit SSL Certificates using RSA (This is better for security)
- We offer SFTP (FTP over SSH) for clients who need it.
- All of our customers run in CageFS which prevents users from seeing your processes and learning how to exploit your site.
- We keep all of our software up to date, including our operating system. (We move clients to better servers much more often than most hosts so that sites are never on an older operating system)
How do we block hackers?
- Mod Security JIT (Just In Time) Rules block know exploits before they are patched.
- CXS (Configserver Exploit Scanner) Scans all uploads and POSTS for exploits
- Configserver Firewall blocks hackers and LDF (Login Failure Daemon) blocks password attacks.
- CloudLinux offers higher security and more protection than normal Linux.
Then avoid the hassles through a proactive PCI DSS Compliance response by contacting MagicAngel Hosting TODAY!.