https://community.developer.cybersource.com/t5/Integration-and-Testing/PCI-Complaint-Hosting-for-Authorize-net/m-p/75428#M47029 <P>Hello everyone,,</P><P>&nbsp;</P><DIV class="_3xX726aBn29LDbsDtzr_6E _1Ap4F5maDtT1E1YuCiaO0r D3IL3FD0RFy_mkKLPwL4"><DIV class="_292iotee39Lmt0MkQZ2hPV RichTextJSON-root"><P class="_1qeIAgB0cPwnLhDF9XSiJM">Sorry for the long post.</P><P class="_1qeIAgB0cPwnLhDF9XSiJM">I'm developing my first e-commerce site and told my client to choose a merchant services provider to process their credit card transactions. They decided to go with Authorize.net. But before they can begin processing they need to answer some questions about their hosts firewall to prove they are PCI compliant.</P><P class="_1qeIAgB0cPwnLhDF9XSiJM">They apparently host through GoDaddy and forwarded these questions on to them. GoDaddy informed them they had to pay an extra $35 a month to add on a firewall per domain.</P><P class="_1qeIAgB0cPwnLhDF9XSiJM">I'm not the most server savvy person, but it seems odd to me that GoDaddy doesn't already have a firewall in place. I'm also a bit fuzzy as to how they could apply a firewall to just one domain on their server.</P><P class="_1qeIAgB0cPwnLhDF9XSiJM">With many negative interactions with GoDaddy in the past, I thought I'd get some expert non-biased advice from you guys. Is GoDaddy trying to sell my client something they don't need? Is their a better/cheaper way to do this (including switching hosts)? Do they still need to pay for the firewall to become PCI compliant if we use the SIM API?</P><P class="_1qeIAgB0cPwnLhDF9XSiJM">Any advice is much appreciated.</P><P class="_1qeIAgB0cPwnLhDF9XSiJM">&nbsp;</P></DIV></DIV><DIV class="_1hwEKkB_38tIoal6fcdrt9"><DIV class="_3-miAEojrCvx_4FQ8x3P-s">&nbsp;</DIV></DIV> Sat, 20 Mar 2021 22:56:45 GMT Garaofsand 2021-03-20T22:56:45Z https://community.developer.cybersource.com/t5/Integration-and-Testing/PCI-Complaint-Hosting-for-Authorize-net/m-p/75428#M47029 <P>Hello everyone,,</P><P>&nbsp;</P><DIV class="_3xX726aBn29LDbsDtzr_6E _1Ap4F5maDtT1E1YuCiaO0r D3IL3FD0RFy_mkKLPwL4"><DIV class="_292iotee39Lmt0MkQZ2hPV RichTextJSON-root"><P class="_1qeIAgB0cPwnLhDF9XSiJM">Sorry for the long post.</P><P class="_1qeIAgB0cPwnLhDF9XSiJM">I'm developing my first e-commerce site and told my client to choose a merchant services provider to process their credit card transactions. They decided to go with Authorize.net. But before they can begin processing they need to answer some questions about their hosts firewall to prove they are PCI compliant.</P><P class="_1qeIAgB0cPwnLhDF9XSiJM">They apparently host through GoDaddy and forwarded these questions on to them. GoDaddy informed them they had to pay an extra $35 a month to add on a firewall per domain.</P><P class="_1qeIAgB0cPwnLhDF9XSiJM">I'm not the most server savvy person, but it seems odd to me that GoDaddy doesn't already have a firewall in place. I'm also a bit fuzzy as to how they could apply a firewall to just one domain on their server.</P><P class="_1qeIAgB0cPwnLhDF9XSiJM">With many negative interactions with GoDaddy in the past, I thought I'd get some expert non-biased advice from you guys. Is GoDaddy trying to sell my client something they don't need? Is their a better/cheaper way to do this (including switching hosts)? Do they still need to pay for the firewall to become PCI compliant if we use the SIM API?</P><P class="_1qeIAgB0cPwnLhDF9XSiJM">Any advice is much appreciated.</P><P class="_1qeIAgB0cPwnLhDF9XSiJM">&nbsp;</P></DIV></DIV><DIV class="_1hwEKkB_38tIoal6fcdrt9"><DIV class="_3-miAEojrCvx_4FQ8x3P-s">&nbsp;</DIV></DIV> Sat, 20 Mar 2021 22:56:45 GMT https://community.developer.cybersource.com/t5/Integration-and-Testing/PCI-Complaint-Hosting-for-Authorize-net/m-p/75428#M47029 Garaofsand 2021-03-20T22:56:45Z