For any business that handles Credit Card data, in anyway, there is a set of rules and standards they must follow. These rules and regulations are called Payment Card Industry Data Security Standard. Or PCI-DSS for short, however this is often simplified to just ‘PCI Compliance’.
These standards were put in place by major Credit Card companies to ensure data security. These standardized rules greatly simplify securing credit card data as they allow businesses to track a single standard. In the past each credit card network had their own standard which made it hard for users to be compliant.
Who created PCI Compliance and why?
In the early 2000s there were numerous issues relating to Credit Card processing and security. At that time every network had their own set of rules and standards. Making it hard for businesses to comply, or even stay informed about the requirements. Often a business couldn’t follow the proper procedure simply due to confusion.
Around 2006 the major Credit Card networks, processors and providers began working to solve these issues. As a joint venture they formed the Payment Card Industry Security Standards Council. The original members of the council include Visa, MasterCard, American Express, Discover, and JCB. Under this new council the original PCI-DSS rules and documentation were created.
The new standards greatly simplified and improved security compliance for business owners. Rather than needing to understand every companies unique rules they had a single set.
The 12 steps to PCI Compliance
While at its core PCI Compliance is a very technical topic, it can be simplified to 12 points across 6 sections. Each section has their own defined objective and each point aims to achieve that objective.
Objective: Build and maintain a secure network
Install and maintain a firewall configuration to protect cardholder data
Do not use vendor-supplied defaults for system passwords and other security parameters
Objective: Protect cardholder data
Protect stored cardholder data
Encrypt transmission of cardholder data across open, public networks
Objective: Maintain a vulnerability management program
Use and regularly update anti-virus software on all systems commonly affected by malware
Develop and maintain secure systems and applications
Objective: Implement strong access control measures
Restrict access to cardholder data by business need-to-know
Assign a unique ID to each person with computer access
Restrict physical access to cardholder data
Objective: Regularly monitor and test networks
Track and monitor all access to network resources and cardholder data
Regularly test security systems and processes
Objective: Maintain an information security policy
Maintain a policy that addresses information security
Again, that’s quite a lot more to PCI Compliance than just the steps above. These are simply meant to be an overview to give you a better picture of what PCI compliance entails.
There was once a time on the Internet where there were many valid reasons to avoid using an SSL all the time. For example, using an SSL sometimes meant your website isn’t indexed as thoroughly. Or maybe certain types of caching were broke.
It’s 2017 now though and those days are long since passed. Almost any reason to not use an SSL on your site has been changed or fixed. In this Knowledge Base article we feature a video provided by Chris Lema to show how quick you can setup an SSL on Managed WordPress.
In just under 2 minutes Chris shows that you can login to your Managed WordPress, create a new WordPress site, and get the SSL certificate setup! Doing the same thing manually could take up to a few hours. There’s no doubt that Managed WordPress makes hosting your WordPress securely quick and simple.
There’s no doubt that PHP 7 is a lot faster and more efficient than PHP 5.x versions. The reason it’s provides better performance is because PHP 7.x underwent massive internal changes. With such massive changes something has to be too good to be true, right? No not really, but there is something you should know before updating to PHP 7.
In this Knowledge Base article we feature a video provided by Chris Lema. Chris shows how the Managed WordPress Platform makes upgrading to PHP 7 simple and quick!
Overall, almost every website and application will benefit running on PHP 7. Sounds good, but it’s not always that simple! With big changes comes some breaking changes, so not everyones code is ready for the update as is. That’s why our Managed WordPress product includes a compatibility checking feature to ensure your WordPress and plugins are fully compatible with PHP 7.X before updating!
The key to running a successful blog or website is having great content and making it easy for your users to find what they need. Part of providing great blog content usually involves using images and graphics to enhance your articles, posts and pages. Doing so will provide your readers with visual context and can help break up large blocks of text. Using lots of visual elements and images isn’t without its trade-off though.
The more HD photos you use, the more data a user has to download when reading your articles. This can mean longer load times for users, and higher disk and bandwidth usage for your server. That’s why you should always optimize your website’s images since long page loads can cost you views. In this featured video Chris Lema shows how our Managed WordPress improves this with a default plugin.
Website performance is a big deal and we know you care about keeping your site fast. The most common reason for a slow site is caused by uploading full size HD images. So to improve your WordPress sites performance we’re building our own image compression solution. Since building our own solution will take some time and we don’t want you to wait, so we’ve loaded the Compress JPEG & PNG Images plugin for you.
Normally optimizing the first set of images is free and you pay a small fee for images after that, but you wont! We’ve partnered directly with TInyPNG and Liquid Web will be covering that cost so you can use this solution until we complete our own.
In this Knowledge Base article, we feature a video provided by Chris Lema to introduce the Managed WordPress Visual Comparison feature. If you run run a WordPress, you understand the potential headaches you may face when updating your plugins and themes. Do you choose to update on the fly and risk taking down your site; or do you set up a staging, keep it in sync with your live site and use that to test updates?
What if there was another way? A better way? Chris knows there is and we’re excited to show you what we’ve come up with.
Using our Managed WordPress Platforms Visual Comparison feature we can automatically test and update your plugins for you. This creates an internal only staging environment, updates the plugins one by one and compares the changes. The Visual Comparison feature will only update plugins that do not cause a visual difference on your live site.
When you review the Visual Comparison report for the site you will see the plugins we updated automatically and exactly why we didn’t update others. You can quickly determine the potential issues a plugin update will cause, allowing you to more easily take control of your WordPress site’s updates.
The best part is that with Visual Comparison enabled we will run the update checks and comparisons nightly to ensure all of your plugins stay up to date! It’s that simple, no more compromise between security and site stability.
Behind Cloud Sites, racks full of both Linux and Windows servers power over 100,000 sites and applications. Every Windows-based page is served from clusters built and optimized especially for Windows, and every Linux-based page is served from clusters built and optimized especially for Linux. We use advanced load balancing technologies to automatically detect the type of technology you are running and route each request to the proper pool of servers.
Best Web Development Tools of 2017: Editors/IDEs and Package Management
The worlds of web hosting and web development are in a constant state of evolution. Every year we see design trends change, coding standards adapt and new frameworks/CMS created. With such a quick pace of change it’s easy to get lost trying to keep up.
As a web hosting company we don’t often talk about the tools used to create the web. We’re usually ultra focused on the components that enable us to server and support you; things like: server hardware, Linux, Apache and etc.
Lately there’s been a lot of speculation about Googles up-coming changes to how sites without an SSL are going to be treated. As January draws towards a close we have seen an increase in customers with concerns of how this will affect their site. Both in terms of people being able to see it and how it might affect their search ranking.
This article aims to clear up some of the confusion and to demystify the changes. If you are unfamiliar with how SSL/TLS or HTTPS works please take a look at our article on the subject.
Every single day 100s of terabytes of data is being transferred across the internet. In fact, based on Intel’s 2012 report, nearly 640K Gb of data is transferred every single minute. That’s more than 204 million Emails, 47,000 app downloads, 1.3 million YouTube videos watched and 6 million Facebook views.
For Cloud Sites customers, new and old, logging into your Cloud Sites control panel is likely one of the first things you’ll want to know how to do. Using the control panel you can leverage the power of the Cloud Sites platform in a simple to use interface.