Making your Website PCI Compliant

Compliance with the Payment Card Industry (PCI) Data Security Standard is increasingly demanded by tech-savvy clients, so it is important that your hosting provider can offer PCI Compliant Hosting.

PCI Compliant Hosting providers have grown in importance as more and more financial transactions are done online. At BNS we implement the major aspects of the PCI standards in our PCI standard hosting services. Both physical and logical barriers are in place to restrict access to the servers and their data to only those individuals who are properly authenticated and authorized.

We employ measures such as certificate-based security, encrypted communications, IP access control lists, full audit entry logs and physical access control measures that employ biometrics.

How to make your website PCI Compliant?

Step 1: Find out the level of PCI Compliance needed:

  • Level 1: Merchants which process over 6 million annual transactions or have already suffered an attack resulting in compromised data
  • Level 2: Merchants which process between 150,000 and 6 million annual transactions
  • Level 3: Merchants which process between 20,000 and 150,000 annual transactions
  • Level 4: Merchants which process fewer than 20,000 annual transactions

The requirements for each level are:

  • Level 1: Annual on-site security audit and quarterly network security scan.
  • Level 2 and 3: Annual self-assessment questionnaire and quarterly scan by an approved PCI scanning vendor
  • Level 4: No need to report compliance but must maintain compliance

Step 2: Engage a PCI approved scanning vendor to have your Web site scanned for vulnerabilities. Be sure to continue the scanning on a quarterly basis.

Step 3: Report your compliance by sending the PCI scan and self-assessment to your merchant bank.

If you want to know more about PCI standards:

PCI Security Standards

PCI Self Assessment

PCI FAQs

Feel free to contact us about your PCI compliant hosting requirements

Bangko ng Kalumpit – Online

Bangko ng Kalumpit was incorporated and made itself within reach in the midst of those who need its services. Its focal vision of being a channel in the filtration of the wealth and resources of the nation to the countryside pervades and forms an integral part of its organization.

Bangko ng Kalumpit is a family corporation and its founding officers and Board of Directors are Former RTC Judge Hermin E. Arceo President and Chairman of the Board; Mr. Ariel S. Arceo, Ms. Carol S. Arceo, Mr. Rodolfo E. Arceo and Mr. Eriberto E. Arceo as members.

Manned by a pro-people and service-oriented work force, the Bank was in no time at all accepted by the public as a partner in rural economic development. It is now the well that small and medium scale industries draw financial resources from whenever they need economic assistance to sustain the growth of their businesses, and it has become a by-word in the community as it participates generously in community projects and caters to the needs of the rural folk.

Joomla exploit fix

As many web developers now frequently use Joomla as their application, we have researched a fix to block some common Joomla exploits. This article contains tips on what code can be placed in the .htaccess file inside your httpdocs directory.

########## Begin – Rewrite rules to block out some common exploits
#
# mod_rewrite must be switched on for the rules below to take effect
RewriteEngine On
#
# Block out any script trying to set a mosConfig value through the URL
RewriteCond %{QUERY_STRING} mosConfig_[a-zA-Z_]{1,21}(=|\%3D) [OR]
# Block out any script trying to base64_encode crap to send via URL
RewriteCond %{QUERY_STRING} base64_encode.*\(.*\) [OR]
# Block out any script that includes a <script> tag in URL
RewriteCond %{QUERY_STRING} (\<|%3C).*script.*(\>|%3E) [NC,OR]
# Block out any script trying to set a PHP GLOBALS variable via URL
RewriteCond %{QUERY_STRING} GLOBALS(=|\[|\%[0-9A-Z]{0,2}) [OR]
# Block out any script trying to modify a _REQUEST variable via URL
RewriteCond %{QUERY_STRING} _REQUEST(=|\[|\%[0-9A-Z]{0,2})
# Send all blocked request to homepage with 403 Forbidden error!
RewriteRule ^(.*)$ index.php [F,L]
#
########## End – Rewrite rules to block out some common exploits
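
The rule set above can be regression-tested offline before it goes live. The following is an added example, not part of the original article: it re-implements the five RewriteCond patterns in Python and runs them over constructed query strings. The function names and the sample strings are assumptions made for the illustration.

```python
import re

# Patterns copied from the RewriteCond lines above; only the <script> rule
# carries [NC]. Apache tests %{QUERY_STRING} in its raw, still URL-encoded
# form, so the strings are deliberately not decoded here.
CONDITIONS = [
    ("mosConfig", r"mosConfig_[a-zA-Z_]{1,21}(=|\%3D)", 0),
    ("base64_encode", r"base64_encode.*\(.*\)", 0),
    ("script tag", r"(\<|%3C).*script.*(\>|%3E)", re.IGNORECASE),
    ("GLOBALS", r"GLOBALS(=|\[|\%[0-9A-Z]{0,2})", 0),
    ("_REQUEST", r"_REQUEST(=|\[|\%[0-9A-Z]{0,2})", 0),
]
_COMPILED = [(name, re.compile(pat, flags)) for name, pat, flags in CONDITIONS]


def matched_conditions(query_string):
    """Return the name of every condition the raw query string triggers."""
    return [name for name, rx in _COMPILED if rx.search(query_string)]


def is_blocked(query_string):
    """The conditions are chained with [OR]: one match means 403 Forbidden."""
    return bool(matched_conditions(query_string))


# Constructed sample query strings (not taken from real traffic).
SAMPLES = [
    "option=com_content&view=article&id=5",   # ordinary Joomla page request
    "mosConfig_absolute_path=test",
    "data=base64_encode(abc)",
    "name=%3CSCRIPT%3Ex%3C/SCRIPT%3E",
    "GLOBALS[foo]=1",
    "_REQUEST%5Bfoo%5D=1",
    "searchword=what+is+GLOBALS=+in+php",     # harmless search, still rejected
]


def report(samples=SAMPLES):
    """Return (query string, verdict, triggering conditions) per sample."""
    return [(qs, "403" if is_blocked(qs) else "pass", matched_conditions(qs))
            for qs in samples]


if __name__ == "__main__":
    for qs, verdict, why in report():
        print(f"{verdict:4}  {qs}  {why}")
```

The last sample is a false positive: a site search that merely contains the text `GLOBALS=` receives a 403, so check your own site's legitimate query strings against the rules before deploying them.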

Konverg.com

Konverg is a Business Technology company dedicated to helping business owners get empowered with the latest web technologies.

It aims to provide the best and most relevant business applications with the lowest total cost of ownership to small and medium enterprises. In a competitive business world, Konverg believes in creating an “equalizing” force for small businesses by providing the latest business tools for Customer Relationship Management (CRM), Financial Management, Salesforce Automation and Business Intelligence that are otherwise available only to large enterprises with their huge IT infrastructures and budgets.

Konverg is a private company with offices in the US, Middle East and the Philippines.

BNS Shared Hosting now at Plesk 8.2 for Linux

BNS has just upgraded to the new Plesk 8.2 for Shared Linux web hosting. Main features include:

1. Application Packaging Standard (APS): The new site applications format is open and can be used by individual software developers, ISVs and service providers for packaging their own applications.

  • PHPBB2 Forum
  • Joomla! Information Portal
  • Moodle Online Learning
  • Mantis Customer Support
  • Serendipity Personal Portal
  • WebCalendar Groupware
  • phpMyVisites Statistic
  • XOOPS Portal
  • Drupal CMS
  • MyOrgBook Calender
  • B2evolution
  • BBclone
  • Coppermine
  • Mambo

2. Single Sign On (SSO): Single Sign-on technology gives the ability to use a single authentication gate (like Active Directory) and share user sessions between multiple applications. Thus the user does not need to type a login/password each time he switches to another application, which makes it easier to integrate multiple applications. In this Plesk release Single Sign-on comes as a technology preview, therefore it is not enabled by default.

3. MIVA Merchant Module: Now available on all platforms, MIVA Merchant is a storefront development and management system. It integrates catalog, product, fulfillment, maintenance, category management, shopping cart, order processing, and credit card processing in association with many of the MIVA payment providers, including Authorize.net, VeriSign.com, and several others.

4. Plesk Anti-Virus Powered by Kaspersky: Now available on all platforms, the Kaspersky Antivirus (KAV) filter for email is able to check incoming/outgoing emails, filter attachments via name and MIME type, and handle infected objects according to the user’s decisions.

5. Ruby on Rails. Ruby component is updated to latest stable version (1.8.6).

6. Horde components upgrade. Horde and its components are upgraded to the latest upstream releases. At this moment these releases are:
 horde to 3.1.4
 imp to 4.1.4

 

 

Citihomes Realty, Inc. – Online

Cityhomes Realty, Inc. is a one-stop shop for buying a house and lot unit. Its design and construction group, the Goodhaven Construction and Development Corporation, leads in searching for your dream house or commercial unit, from project planning and design to construction, to the best financing options most suitable for your needs and budget, all under one roof! Check out their custom built houses, residential, commercial and subdivision projects.

Double Web Bandwidth: Website Mirroring Service

Double your Bandwidth

If your visitors are constantly unable to visit your website because of limited bandwidth and similar limitations, then try our Web Mirroring Service.

Web Mirroring effectively doubles the available webservers for your site. It is perfect for serving up more web traffic by using more webservers. The Web Mirroring Service keeps a mirror image of your current website stored on our servers, and this helps out your origin webserver by taking up some of the extra load. This instantly adds an extra webserver.

This service is perfect for handling sudden traffic surges!

Our webmirroring service is available for both the US and Asian target markets. By having mirror copies of your website in either our Asian or US servers, your website visitors will be closer to your content.  This improves the user experience.

Web mirroring Service is easy to implement. We only need to make some minor DNS modifications. Web mirroring service coupled with our global geographically aware DNS service combines to ensure that clients are directed to the closest specified server.

Just engage the service and we deploy this service for you. Email us at team[at]bnshosting.net for more details.

.ASIA Land Rush

Consider registering your site under the soon to be launched .asia domain name. The .asia Sunrise period is under way now.

The Sunrise refers to the period of time prior to the launch of the new .asia top-level domain during which owners of trademarks are eligible to register a .asia domain name containing the owned mark, for example: nike.asia, sony.asia

The Landrush refers to the initial period of public availability of the new .asia top-level domain. Interested registrants who qualify for the CER can submit their entries now for the .asia Landrush priority registration. 


When does .asia become available to the public?
General availability of .asia is March 2008.