On Thu, Feb 20, 2014 at 02:12:49AM PST, lu zou spake thusly: > Can someone kindly introduce some required work to be done when using the > mezzanine(cartridge) framework to build a shopping website in order to > guarantee the security of the website? or something need to pay attention > to related to this issue!
This is really a very big question. I suspect the Mezzanine/cartridge authors have already done everything they can to protect the applications themselves. If I were you I would look at the bigger pictures. Go check out the PCI-DSS and PA-DSS standards for what to look at to secure an ecommerce system. They are intended for sites that take credit cards but whether you do or do not they are very good guides to securing your site. -- Tracy Reed, RHCE Digital signature attached for your safety. Copilotco PCI/HIPAA/SOX Compliant Secure Hosting 866-MY-COPILOT x101 http://copilotco.com
pgpfX4H6nWMZs.pgp
Description: PGP signature
