I recently came across an affiliate article about self-hosted ecommerce avenues being risky and fraught with spam email account, potential server hacking and all sorts of scary propositions. And for a minority of amatuer hosting operators who have never had formal training in the fields of IT Security, it can be!
Things to ask your potential self-hosting provider
- Do you have a current SAQ – D 2.0 AOC Document
- Are your staff certified by industry boards such as CompTia
- Are you a hosting reseller or do you run your own servers
Item 1 is potentially the biggest deal on the block. A 35 page security assessment that is usually reviewed by a certified security assessor with credentials from the Payment Card Industry Association. It’s the most stringent of all self-assessed questionnaire. You may pay a bit more for PCI secure hosting. But, after all, it is your business reputation on the line.
Why Open-Source is good for you
The referenced article attempted to sell you to use shopify with an affiliate link. There is nothing at all wrong with affiliate marketing if you do not try to spook someone into the sale. Open program code is free and when you download it, you own it forever and ever. You will not have to pay shopify.com a minimum of 29.95USD each month. And you do not own their program code. There are costs involved with upkeep. The same expenses we all pay for copier repair, toner cartridge replacements, binds of new printer paper, et al.
The power of crowdsourcing enhanced the open source project over time. This is effort you spent not one dime to affect. You continue to enjoy the benefits of others around the world.
Fighting Spam from the Self-Hosting eCommerce Article
Most servers use plesk or spamassassin for open source to combat spam. They also use Remote Blocking List that are maintained and reported by thousands of others servers whenever an illegal and unsolicited commerce email transmission has been sent.
We use SpamAssassin quite well along with Remote Blocking List. From the time they knock on the door, they are given the boot in most cases. Spammers are crafty and continuously try to fool us. But that’s our job to worry about those pesky rodents. I’m going to include code that you may ask your self-hosted service to insert if you use spamassassin. keep in mind you MUST still white list your address book entries after this. Here it is => https://gist.github.com/inetbiz/9540879
Unknown Author (Nov 02, 2013) “Why self-hosted ecommerce solutions are risky …is ePub”. [fusion_builder_container hundred_percent=”yes” overflow=”visible”][fusion_builder_row][fusion_builder_column type=”1_1″ background_position=”left top” background_color=”” border_size=”” border_color=”” border_style=”solid” spacing=”yes” background_image=”” background_repeat=”no-repeat” padding=”” margin_top=”0px” margin_bottom=”0px” class=”” id=”” animation_type=”” animation_speed=”0.3″ animation_direction=”left” hide_on_mobile=”no” center_content=”no” min_height=”none”][Web blog post]. Retrieved from http://thinkmakesell.com/2013/11/self-hosted-ecommerce-risky/ on 11-12-2013[/fusion_builder_column][/fusion_builder_row][/fusion_builder_container]