Tag Archives: Public-key infrastructure

How to improve your ecommerce server security & love yourself

 

SSL

Server security is one of the first things we should consider when we get ready to go into online business, and it’s a factor of the market that should be regularly reviewed. PCI compliance is one thing, but it’s a little obtuse and complicated when we’re taking initial steps to “harden” (enhance the protections of) the server.

Also we must love ourselves. Sometimes everything looks bright and sunny. Sometimes, it looks blue (that’s not a happy color). Sometimes it looks dreary and gray. When we start seeing colors that make us want to cry, we must grab all of our stuffed animals, line them up in a row, and have them sing the Hallelujah Chorus to us (don’t worry, all stuffed animals know it by heart).

We’ll look at a number of different issues in this series: SSL, perimeter security such as firewalls, passwords, site backups, policies, authorizations, etc.. Our general overview will cover the first two parts, and then the final part will focus specifically on passwords – the simplest form of protection but also the simplest, in some ways, to penetrate.
Continue reading How to improve your ecommerce server security & love yourself