Re: e-commerce framework suggestion? medoc?
> On Feb 25, 2016, at 1:28 AM, li...@wrant.com wrote: > > Don't fall for regulation scare talks, there should be no reason to > put something outside local premises except payment processing which > is a well developed monetary system service from banks etc. > Since I deal with credit card security in my professional life I’ll chime in. PCIDSS are the primary security standards you (or your client) need to deal with. These are not governmental standards but are set by the payment card industry (JCB International, Visa, MasterCard, etc.). While there may be government regulations they are typically less stringent than PCIDSS. The standards vary based on how credit cards are being handled. If, as suggested, you allow a third party (Paypal, Square, your bank) to do the actual payment processing and at no point in time your does server asks for (or handles) a credit card number your life is much simpler. If you develop a web form that asks for a credit card number (even if you pass it back to the bank for processing) you have to comply with more regulations. You can choose the path that makes the most sense by taking at look at the requirements at https://www.pcisecuritystandards.org/.
Re: e-commerce framework suggestion? medoc?
On Thu, 25 Feb 2016, li...@wrant.com wrote: Wed, 24 Feb 2016 23:51:10 +0100 arrowscr...@mail.com So, I'll probably use Ubercart. Thanks everyone. The "Django" software seems good too 'Mariano', I'll read more on that. About the laws and regulations 'Dave', I will need to see that. Here in my country we have all these regulations too. Thanks for the advice. Don't fall for regulation scare talks, there should be no reason to put something outside local premises except payment processing which is a well developed monetary system service from banks etc. Don't fall for "it's all a scare tactic" either. Investigate, then make your own decision based on whatever laws and regulations apply to you. Good luck. Dave Run your own systems, make sure you protect your clients personal details, separate databases and storage layers, use sound security and encryption, and update your software regularly plus plan for disaster. This includes dirty play from the competing parties which want to suck your data into their system with the "cloud" services. Web based software is multiple reliability nightmares yet running it internally with limited outside connectivity and reliable (static) web front end site is an option for control of this critical aspect. At that point you're as good as a personal self sustained service. -- Dave Anderson
Re: e-commerce framework suggestion? medoc?
Wed, 24 Feb 2016 23:51:10 +0100 arrowscr...@mail.com > So, I'll probably use Ubercart. Thanks everyone. > The "Django" software seems good too 'Mariano', I'll read more on that. > > About the laws and regulations 'Dave', I will need to see that. Here > in my country we have all these regulations too. Thanks for the > advice. Don't fall for regulation scare talks, there should be no reason to put something outside local premises except payment processing which is a well developed monetary system service from banks etc. Run your own systems, make sure you protect your clients personal details, separate databases and storage layers, use sound security and encryption, and update your software regularly plus plan for disaster. This includes dirty play from the competing parties which want to suck your data into their system with the "cloud" services. Web based software is multiple reliability nightmares yet running it internally with limited outside connectivity and reliable (static) web front end site is an option for control of this critical aspect. At that point you're as good as a personal self sustained service.
Re: e-commerce framework suggestion? medoc?
So, I'll probably use Ubercart. Thanks everyone. The "Django" software seems good too 'Mariano', I'll read more on that. About the laws and regulations 'Dave', I will need to see that. Here in my country we have all these regulations too. Thanks for the advice.
Re: e-commerce framework suggestion? medoc?
For the eshop part, you can use ubercart (drupal module). It should be reasonably sound and maintained.
Re: e-commerce framework suggestion? medoc?
On Wed, 24 Feb 2016, arrowscr...@mail.com wrote: I'm currently deciding to do a "e-commerce" website. I noticed that OpenBSD Store use a software from medoc.com. If not medoc, do you guys have any other suggestion for e-commerce framework? It have to be open source, because I can't pay a service now (and I woudn't trust them anyway). The idea is to be secure as possible (I know it's difficult with all this sql/php madness). I'll, of course, use httpd(8) on -stable. Regards. Be _very_ careful about this. You don't say where you live or work, but (at least in the U.S.) a whole bunch of laws and regulations pop up to make your life miserable if you start dealing with credit card info, etc. (I'm no expert on this, but am involved in an organization which uses a commercial e-commerce service to shield itself from all this and have overheard quite a bit of discussion on the subject.) I'd strongly recommend that, before doing anything about this, you carefully investigate what your responsibilities and liabilities would be. Dave -- Dave Anderson
Re: e-commerce framework suggestion? medoc?
Django[0] is a popular choice nowadays. There's also DjangoCMS[1] which is "easier" to use for less technical people. And don't forget to examine as many as ecommerce[2] modules as you want. [0] http://www.djangoproject.com/ [1] http://www.django-cms.org/ [2] https://www.djangopackages.com/grids/g/ecommerce/
Re: e-commerce framework suggestion? medoc?
arrowscr...@mail.com (arrowscr...@mail.com), 2016.02.24 (Wed) 07:15 (CET): > I'm currently deciding to do a "e-commerce" website. I noticed that > OpenBSD Store use a software from medoc.com. > If not medoc, do you guys have any other suggestion for e-commerce > framework? It have to be open source, because I can't pay a service > now (and I woudn't trust them anyway). The idea is to be secure as > possible (I know it's difficult with all this sql/php madness). > I'll, of course, use httpd(8) on -stable. What is in ports/packages... $ pkg_add sqlports-compact $ sqlite3 /usr/local/share/sqlports-compact "SELECT * from Descr \ where VALUE LIKE \"%e-commerce%\";" 8780|Ubercart is an e-commerce suite developed for Drupal. It has been designed with the end user in mind, focusing on usability in three key areas: store configuration, product and catalog creation, and order administration. On the front end, all major systems are configurable and integrate with the standard Drupal systems (node, taxonomy, user, etc.). On the back end, the settings pages and order administration pages have been designed with ease of use in mind. Bye, Marcus > !DSPAM:56cd4b4e88231894794140!