Change Default Passwords and Settings

Integrator Notes

Assign secure authentication to default accounts and then disable or do not use the accounts. This includes system logins as well as database logins.

Assign secure authentication for administrative access to payment applications and data. Refer to PCI-DSS Requirement 8.5 and its sub-requirements for guidance on how to implement PCI-DSS compliant authentication.

The secure authentication methods outlined in PCI-DSS 8.5 should be implemented on your database server and on any other servers, PCs, etc. in your enterprise that are part of the payment application infrastructure.

Develop configuration standards for all system components. Ensure that these standards address all known security vulnerabilities and are consistent with industry-accepted system hardening standards. (See PCI-DSS 2.2)
Only one primary function is allowed per server. This means that you should have a separate server for your database and one server for your web server. Email and DNS should be hosted on separate servers as well.
Disable all unnecessary and insecure services and protocols.
Configure system security parameters to prevent misuse.
Remove all unnecessary functionality, such as scripts, drivers, features, subsystems, file systems, and unnecessary web servers.

If you use wireless technology within your environment, you must change wireless vendor defaults, including but not limited to wired equivalent privacy (WEP) keys, default service set identifier (SSID), passwords, and SNMP community strings. Disable SSID broadcasts. Enable Wi-Fi protected access (WPA and WPA2) technology for encryption and authentication when WPA-capable. (See PCI-DSS 2.1.1)

Per PCI-DSS 2.3 you must encrypt all non-console administrative access. Use technologies such as SSH, VPN, or SSL/TLS (transport layer security) for web-based management and other non-console administrative access.

Configuration Notes

In setting up Multifront you must supply a database connection string in the web.config file.

When setting this connection string, use a user ID and password that are specific to your web application. If you use SQL Server Authentication, do NOT share user IDs and passwords between applications. Passwords should be strong, with at least 7 characters and a mix of digits and letters.
Likewise, if you use Windows Authentication, make sure your user is a member of the IIS_WPG (IIS Worker Process) group only and not an administrator or user.

Do NOT use a system administrator account for your database access. Instead, use the minimum roles required for connecting to the database, which are db_owner and public.

Use a separate web server and database server for your storefront. In other words, your connection string should point to a different server to connect to the database. Disable all unnecessary services and close their ports on each server. For instance, your database server should not have port 80 open.

The admin section of Multifront can be set up to encrypt your data stream using HTTPS. To enable this, select “Enable Secure Socket Layer (SSL) for this store” in the Settings->Stores->Manage Store dialog. With this setting enabled, Multifront will switch to HTTPS at the appropriate times, such as when logging in.

“Enable SSL” is not set by default. On your first login to the Admin, click “Use Secure Login (SSL)” to switch to HTTPS before typing in your user ID and password (SSL must be properly installed on your server).

Multifront has settings to turn on diagnostics. In your production environment, turn these options off by setting the following parameters in the web.config:

<add key="EnableDiagnostics" value="0"/>
<add key="EnableIntegrationTest" value="0"/>

In addition, you should not report errors that occur in the application to outside users. Be sure to have the following setting in your web.config:

<customErrors defaultRedirect="~/error.aspx" mode="RemoteOnly"/>
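
An added example, not part of the original page or Multifront's own code: a Python check that reads a web.config and flags the diagnostics, customErrors and connection string settings described above. It assumes the connection string sits in the standard ASP.NET connectionStrings section; the sample file, connection name, server and credentials are constructed.

```python
import re
import xml.etree.ElementTree as ET

# Constructed sample, not a real Multifront web.config; all names and values are made up.
SAMPLE = """<configuration>
  <connectionStrings>
    <add name="StoreDb" connectionString="Data Source=(local);Initial Catalog=Store;User ID=sa;Password=abc123"/>
  </connectionStrings>
  <appSettings>
    <add key="EnableDiagnostics" value="1"/>
    <add key="EnableIntegrationTest" value="0"/>
  </appSettings>
  <system.web>
    <customErrors defaultRedirect="~/error.aspx" mode="Off"/>
  </system.web>
</configuration>"""
LOCAL_HOSTS = {".", "(local)", "localhost", "127.0.0.1"}

def parse_conn(cs):
    # Split a SqlClient-style "key=value;..." string into lower-cased keys.
    pairs = (p.split("=", 1) for p in cs.split(";") if "=" in p)
    return {k.strip().lower(): v.strip() for k, v in pairs}

def audit_web_config(xml_text):
    """Return a list of findings; an empty list means every check passed."""
    root = ET.fromstring(xml_text)
    findings = []
    settings = {a.get("key"): a.get("value") for a in root.iterfind("appSettings/add")}
    for key in ("EnableDiagnostics", "EnableIntegrationTest"):
        if settings.get(key) != "0":
            findings.append(f"{key} is not set to 0")
    errors = root.find("system.web/customErrors")
    if errors is not None and errors.get("mode", "").lower() == "off":
        findings.append("customErrors mode is Off")
    for add in root.iterfind("connectionStrings/add"):
        name, cs = add.get("name"), parse_conn(add.get("connectionString", ""))
        # Drop any instance name or port so only the host is compared.
        host = cs.get("data source", cs.get("server", "")).split("\\")[0].split(",")[0]
        if host.lower() in LOCAL_HOSTS:
            findings.append(f"{name}: database is on the web server")
        if cs.get("integrated security", "").lower() in ("true", "sspi", "yes"):
            continue  # Windows Authentication: no SQL login in the string to inspect
        pwd = cs.get("password", cs.get("pwd", ""))
        if cs.get("user id", cs.get("uid", "")).lower() == "sa":
            findings.append(f"{name}: connects as sa")
        if len(pwd) < 7 or not (re.search(r"\d", pwd) and re.search(r"[A-Za-z]", pwd)):
            findings.append(f"{name}: password fails the 7-character letter/digit rule")
    return findings

if __name__ == "__main__":
    print("\n".join(audit_web_config(SAMPLE)))
```

Membership of the IIS_WPG group and the database roles granted to the login cannot be read from web.config and have to be checked on the servers themselves.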


Multifront uses a user-generated key to encrypt various passwords throughout the system, such as gateway login credentials. A default key is provided with the storefront, but you should generate your own key before deploying your web site. To regenerate the encryption key, do the following:

1. Log in to the Admin.
2. Click on the "Advanced" link in the top navigation.
3. Click "Rotate Key" from the sub menu.
4. Click Generate on the Key Rotation page.
5. After rotating your key you will need to reset your payment settings for credit card processing and other settings that require a password such as SMTP credentials. Login passwords are encrypted through the Microsoft Membership Provider and will be unaffected.