• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 366
  • Last Modified:

Problem with SSL hosting ASP

I have a site hosted with Fasthosts.  I run ASP on this domain.  I have trialed a shopping basket on it, it all works fine, but has no security for Credit cards.  I have now purchased off them a SSL facility.  I can upload and read straight html here, but I want to store data (credit card info.).


My questions are as follows;

Should I store the data store in the ssl area, as there is an area within the normal site whick is secure, it's the passing of information thet needs the ssl's?

I cannot get the pages with thr SSL to read a database either within the SSL or within the standard site.  Within the set up of the SSL's there is an ODBC setup function. The helpless file states:

"This screen lets you add and modify ODBC data sources for the domain. It is simply a case of specifying what type of data source you require and entering the correct path for the file. Please note that you need to specify the data source full path and filename. For example: DSN name = Test. Database path = domain.co.uk\private\test.mdb"

I can resolve the end part of the full path ie I can replace domain with my domain and test with the database name, but any idea if I should also add "DSN name = Test. Database path = " and which bits are variables?

I know these are questions for the ISP, but I've had no joy there!

0
perrybond
Asked:
perrybond
  • 2
1 Solution
 
Eric AKA NetminderCommented:
1. I would store it in the secure area. Even better would be to store it on the server someplace outside the \inetpub\wwwroot folders.

2. Their instructions might be a little clearer if they said the following:

DSN Name = c:\foldername\foldername\database.mdb = domain.co.uk\private\database.mdb

If you look at how you set up a DSN on your local computer, you'll see that you give the DSN a name, tell it what kind of file it is (Access database, text file, Excel spreadsheet, etc.), and then tell it where on your hard drive/network the database is.

Your ISP is trying to make it easy, so all you need to know is where on their system the file is kept, and they probably have some kind of script that fills in all the blanks.

Hope this helps...

ep
0
 
crispy2111Commented:
Think very carefully about storing any sensitive data on any server, but particularly on what appears to be a shared server. SSL only encrypts the data during transit and is not sufficent for securely storing data. For more info on payment solutions visit www.commercepay.co.uk

Chris Bacon
cbacon@commercenti.com
www.commercenti.com
0
 
Eric AKA NetminderCommented:
crispy,

Welcome to Experts Exchange!

It is common practice here to make comments on questions, rather than proposing answers, unless you are certain that yours is the one and only, 300 per cent absolute single and sole response which will resolve the questioner's issue.

The reason for that is twofold: First, EE is a collaborative effort, wherein a number of people try to help the user resolve a problem. Second, "answering" (as opposed to "commenting") effectively locks the question, so that any further collaboration is difficult, if not impossible.

Please see the following links for more information:
http://www.experts-exchange.com/jsp/cmtyHelpDesk.jsp#14
http://www.experts-exchange.com/jsp/cmtyHelpDesk.jsp#15
http://www.experts-exchange.com/jsp/cmtyExpertsOnly.jsp

Please change your "answer" to a comment, and again, welcome aboard!

Regards,

ep
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Get expert help—faster!

Need expert help—fast? Use the Help Bell for personalized assistance getting answers to your important questions.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now