by (120 points)
I see there are several selections for payment methods in the plug-in section. The areas I have looked into seem to be focused around simplicity and convenience, which looks great. I saw in another post that v1.9 had some hacking problems and they have been addressed in more recent models.

Background on our business: we sell a variety of items (some of which are extremely large purchases) and the security of our client base is of the utmost importance - not that any client list is not.

My big question: how secure is the information? Has anyone had issues? Is it possible to bring in a third-party security system such as Symantec if I wanted to? If not, what is the closest option I have in using SEOTOASTER's system?

Thank you for your time.

1 Answer

by (14.9k points)
Hello,

I'm unsure as to what Symantec would do, but security has lots of ins and outs.

What we recommend is to harden your web server, only having SEOTOASTER running on it. No FTP services or any other application, so that you only have to deal with the possible security flaws found in your main application. It's a good rule of thumb; that's the way we do it on our servers.

You can also restrict access to the web server by doing port filtering.

You can also add network level security by configuring your network as a diode (that's the way banks run web applications).

You also need to have a strong password policy in place.

As far as the SEOTOASTER application itself, you can start by hiding the login at a different URL than /go.

Please check out the following page to find out how we avoid storing any sensitive credit card information:
http://www.seotoaster.com/pci-compliant-open-source-shopping-cart.html

Keep in mind that security is first and foremost a mindset.
As you've seen with the one vulnerability that was found on the V1 architecture, we openly communicate about it, and in fact fixed it before the security vulnerability was publicly released. We try to be equally pro-active in our software engineering.

As of today there are no known vulnerabilities in SEOTOASTER V2 CMS and e-commerce.
...