• Resolved happyday25

    (@happyday25)


    Hello, I am looking into the requirements coming up for PCI v4.0 compliance for my ecommerce site and one of the items necessary is the following:

    ____

    11.6.1 A change and tamper-detection mechanism is deployed as follows:

    To alert personnel to unauthorized modification (including indicators of compromise, changes, additions, and deletions) to the HTTP headers and the contents of payment pages as received by the consumer browser.

    • The mechanism is configured to evaluate the received HTTP header and payment page. 

    The mechanism functions are performed as follows:

    • At least once every seven days

    ____

    In addition to this, I also need to implement a Content Security Policy or Sub-Resource Integrity.

    Are either of these a feature that the BulletProof Security Plugin can help with?

    Thank you!

    • This topic was modified 9 months, 2 weeks ago by happyday25.
Viewing 3 replies - 1 through 3 (of 3 total)
  • Plugin Author AITpro

    (@aitpro)

    BPS does not do any of these things.

    Plugin Author AITpro

    (@aitpro)

    Assuming all questions have been answered – the thread has been resolved. If the issue/problem is not resolved or you have additional questions about this specific thread topic then you can post them at any time. I still receive email notifications when threads have been resolved.

    Plugin Author AITpro

    (@aitpro)

    Assuming all questions have been answered – the thread has been resolved. If the issue/problem is not resolved or you have additional questions about this specific thread topic then you can post them at any time. I still receive email notifications when threads have been resolved.

  • The topic ‘Modification to HTTP headers and contents of payment pages’ is closed to new replies.
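
The kind of comparison the quoted requirement 11.6.1 describes, sketched as an added example that is not part of the original thread and not BulletProof Security code: it reduces a payment-page response to its watched HTTP headers and script inventory (including Sub-Resource Integrity values), then reports changes, additions, and deletions against a stored baseline. The function names, the `WATCHED_HEADERS` selection, and the sample data are assumptions made for illustration; fetching the page as the consumer browser receives it and alerting personnel are left to the surrounding tooling.

```python
import hashlib
from html.parser import HTMLParser

# Assumed selection of security-relevant headers; extend it for your site.
WATCHED_HEADERS = ("content-security-policy", "x-frame-options")

class _ScriptInventory(HTMLParser):
    """Records every <script>: external by src and SRI value, inline by hash."""
    def __init__(self):
        super().__init__()
        self.scripts, self._inline = {}, None
    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "script" and a.get("src"):
            self.scripts["src:" + a["src"]] = a.get("integrity") or "no-sri"
        elif tag == "script":
            self._inline = []
    def handle_data(self, data):
        if self._inline is not None:
            self._inline.append(data)
    def handle_endtag(self, tag):
        if tag == "script" and self._inline is not None:
            body = "".join(self._inline).encode()
            self.scripts["inline:" + hashlib.sha256(body).hexdigest()] = "inline"
            self._inline = None

def snapshot(headers, html):
    """Reduce one response, as fetched, to the parts worth comparing."""
    lowered = {k.lower(): v.strip() for k, v in headers.items()}
    parser = _ScriptInventory()
    parser.feed(html)
    parser.close()
    return {"headers": {h: lowered.get(h) for h in WATCHED_HEADERS},
            "scripts": parser.scripts}

def diff_snapshots(baseline, current):
    """Return one alert string per changed, added, or deleted item."""
    alerts = []
    for section in ("headers", "scripts"):
        old, new = baseline[section], current[section]
        for key in sorted(set(old) | set(new)):
            if old.get(key) != new.get(key):
                alerts.append(f"{section}: {key}: {old.get(key)!r} -> {new.get(key)!r}")
    return alerts

# Constructed sample data: a baseline response and a later, modified one.
PAGE = '<script src="/checkout.js" integrity="sha384-EXAMPLE"></script>'
BASELINE = snapshot({"Content-Security-Policy": "script-src 'self'"}, PAGE)
CHANGED = snapshot({}, PAGE + "<script>var added = 1;</script>")
```

Here `diff_snapshots(BASELINE, CHANGED)` reports the missing Content-Security-Policy header and the added inline script; scheduling the comparison at least once every seven days matches the interval in the quoted requirement.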