?
Solved

Problem with SSL hosting ASP

Posted on 2001-09-08
3
Medium Priority
?
359 Views
Last Modified: 2013-12-24
I have a site hosted with Fasthosts.  I run ASP on this domain.  I have trialed a shopping basket on it, it all works fine, but has no security for Credit cards.  I have now purchased off them a SSL facility.  I can upload and read straight html here, but I want to store data (credit card info.).


My questions are as follows;

Should I store the data store in the ssl area, as there is an area within the normal site whick is secure, it's the passing of information thet needs the ssl's?

I cannot get the pages with thr SSL to read a database either within the SSL or within the standard site.  Within the set up of the SSL's there is an ODBC setup function. The helpless file states:

"This screen lets you add and modify ODBC data sources for the domain. It is simply a case of specifying what type of data source you require and entering the correct path for the file. Please note that you need to specify the data source full path and filename. For example: DSN name = Test. Database path = domain.co.uk\private\test.mdb"

I can resolve the end part of the full path ie I can replace domain with my domain and test with the database name, but any idea if I should also add "DSN name = Test. Database path = " and which bits are variables?

I know these are questions for the ISP, but I've had no joy there!

0
Comment
Question by:perrybond
  • 2
3 Comments
 
LVL 15

Expert Comment

by:Eric AKA Netminder
ID: 6471864
1. I would store it in the secure area. Even better would be to store it on the server someplace outside the \inetpub\wwwroot folders.

2. Their instructions might be a little clearer if they said the following:

DSN Name = c:\foldername\foldername\database.mdb = domain.co.uk\private\database.mdb

If you look at how you set up a DSN on your local computer, you'll see that you give the DSN a name, tell it what kind of file it is (Access database, text file, Excel spreadsheet, etc.), and then tell it where on your hard drive/network the database is.

Your ISP is trying to make it easy, so all you need to know is where on their system the file is kept, and they probably have some kind of script that fills in all the blanks.

Hope this helps...

ep
0
 

Accepted Solution

by:
crispy2111 earned 500 total points
ID: 6652755
Think very carefully about storing any sensitive data on any server, but particularly on what appears to be a shared server. SSL only encrypts the data during transit and is not sufficent for securely storing data. For more info on payment solutions visit www.commercepay.co.uk

Chris Bacon
cbacon@commercenti.com
www.commercenti.com
0
 
LVL 15

Expert Comment

by:Eric AKA Netminder
ID: 6652934
crispy,

Welcome to Experts Exchange!

It is common practice here to make comments on questions, rather than proposing answers, unless you are certain that yours is the one and only, 300 per cent absolute single and sole response which will resolve the questioner's issue.

The reason for that is twofold: First, EE is a collaborative effort, wherein a number of people try to help the user resolve a problem. Second, "answering" (as opposed to "commenting") effectively locks the question, so that any further collaboration is difficult, if not impossible.

Please see the following links for more information:
http://www.experts-exchange.com/jsp/cmtyHelpDesk.jsp#14
http://www.experts-exchange.com/jsp/cmtyHelpDesk.jsp#15
http://www.experts-exchange.com/jsp/cmtyExpertsOnly.jsp

Please change your "answer" to a comment, and again, welcome aboard!

Regards,

ep
0

Featured Post

Prepare for your VMware VCP6-DCV exam.

Josh Coen and Jason Langer have prepared the latest edition of VCP study guide. Both authors have been working in the IT field for more than a decade, and both hold VMware certifications. This 163-page guide covers all 10 of the exam blueprint sections.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Unable to change the program that handles the scan event from a network attached Canon/Brother printer/scanner. This means you'll always have to choose which program handles this action, e.g. ControlCenter4 (in the case of a Brother).
In this article, the configuration steps in Zabbix to monitor devices via SNMP will be discussed with some real examples on Cisco Router/Switch, Catalyst Switch, NAS Synology device.
NetCrunch network monitor is a highly extensive platform for network monitoring and alert generation. In this video you'll see a live demo of NetCrunch with most notable features explained in a walk-through manner. You'll also get to know the philos…
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…

862 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question