WordPress.org

Ready to get started?Download WordPress

Forums

WordPress HTTPS (SSL)
PCI Network Scan (1 post)

  1. division123
    Member
    Posted 7 months ago #

    My website is failing the Trustware PCI compliance scan (error below) and I wonder if this extension could be used to resolve the issue?

    Web Application Transmits Login Credentials Without Encryption

    Description: Intercept traffic containing login credentials, it would be trivial to view user account and password information.

    Remediation: All web application communications containing sensitive information should be transmitted using SSL/TLS (HTTPS). If re-direction from HTTP to HTTPS is utilized in an attempt to remediate this finding, please ensure that such redirection occurs on the server side of the system (for example via the use of the HTTP "Location" header element) and that redirection is not reliant upon the client (browser) side.

    http://wordpress.org/plugins/wordpress-https/

Reply

You must log in to post.

About this Plugin

About this Topic