What additional security measures for the site should I pay attention to?

T

ticket7772018-12-13 06:43:50

Information Security

ticket777, 2018-12-13 06:43:50

It is planned to launch a service where payments for acquiring bank cards, cryptocurrencies and some payment systems will be present. The service is international and services are divided by country (covering the entire globe). Now work on the backend is starting and the question arose of additional measures against hacking the site. The site will work on VPS hosting, the site without CMS, but on its own code.
Used technologies:
MySQL 6+
PHP 7+
Phyton
HTML + JS (Jquery, AJAX) + CSS
What should friends pay attention to?

Reply

Answer the question

In order to leave comments, you need to log in

4 answer(s)

X

xmoonlight, 2019-07-26
@ticket777

How to protect websites from hacking?

S

Sanes, 2018-12-13
@Sanes

This is a topic for a scientific report.

S

Sergey, 2018-12-13
@feanor7

To hire a specialist in the field of information security of web services.
1. Site forms for data entry.
2. Ports for the filter
3. Muscle and Apache on the same server? If yes, then pay attention to the exchange route
4. Acquiring only through a trusted channel, at least write down the name of the gateway
5. Is Python used for processing or servicing?
6. Bundle of JS and CSS Injection Prevention

B

Boris Syomov, 2018-12-13
@kotomyava

For reading industry standards (PCI DSS, and others like it), taking into account their requirements in development.
For testing by security experts before launch.
Also, on the qualifications of developers, and what is very important, the operation service.