Technical Support Forums

Free, outstanding support from WebAssist and your colleagues

› WebAssist Forums › eCart › eCart General / Announcements › eCart Security

eCart Security

Thread began 7/07/2011 6:59 am by stephenjohnston249928 | Last modified 7/07/2011 7:38 am by stephenjohnston249928 | 1029 views | 3 replies

7/07/2011 6:59 amstephenjohnston249928

eCart Security

I've used eCart before, but this is the first time I have used it with paypal pro. It seems to be connecting fine to the sandbox. However I have some security concerns.

1. I notice that some pages contain all the API user, password, signature in them - and these are in the public part of the site (eg checkout.php). Is this safe? Surely if someone downloads that page or uses a tool like 'Site Import', they'll have the api access details?

2. As my other eCart sites were just paypal std, I had no need for SSL. But I'll need to add SSL for the pro integration, which is fine. But as an SSL novice (my host will install for me) - do I need to place all the https required pages in a separate folder from the non ssl files. And do I need to put all ssl assets (images, css, javascript, webassist files etc etc) in the same folder as the SSL files. Or will I get a 'This page contains both secure and non secure......' warning if I don't.

Build websites with a little help from your friends

Your friends over here at WebAssist! These Dreamweaver extensions will assist you in building unlimited, custom websites.

Build websites from already-built web applications

These out-of-the-box solutions provide you proven, tested applications that can be up and running now. Build a store, a gallery, or a web-based email solution.