My website is failing the Trustware PCI compliance scan (error below) and I wonder if this extension could be used to resolve the issue?
Web Application Transmits Login Credentials Without Encryption
Description: Intercept traffic containing login credentials, it would be trivial to view user account and password information.
Remediation: All web application communications containing sensitive information should be transmitted using SSL/TLS (HTTPS). If re-direction from HTTP to HTTPS is utilized in an attempt to remediate this finding, please ensure that such redirection occurs on the server side of the system (for example via the use of the HTTP “Location” header element) and that redirection is not reliant upon the client (browser) side.
- The topic ‘PCI Network Scan’ is closed to new replies.