We at Microburst Technologies, Inc. take security very seriously, but in
order to ensure that transactions are indeed secure, it is up to you to
set up uStorekeeper correctly. This reference page describes how
uStorekeeper Security works and how to configure uStorekeeper correctly
in order to ensure secure transactions.
- How uStorekeeper Security Works
- uStorekeeper Security Requirements
- Configuring uStorekeeper For Secure Transactions
- The "data" Directory On Your Secure Server
1. How uStorekeeper Security Works
In order to ensure that sensitive payment information gets securely from
the customer to the store owner, uStorekeeper implements a two-step process.
Step 1 is securely getting the order information from the customer to a file
on the secure server. Step 2 is securely getting the order file from the
secure server to the store owner. This process works in conjunction with
your secure server's SSL communication protocol, and at no time is sensitive
payment information sent via email. This is illustrated in the figures below.
2. uStorekeeper Security Requirements
uStorekeeper itself does not implement any encryption mechanism, but rather
relies on the standard SSL protocol that is used when communicating with a
secure server. That is, the encryption is handled external to uStorekeeper,
by your browser and your secure server. Thus, in order to make transactions
secure, you must have a secure server upon which you can install
uStorekeeper's CGI scripts. Furthermore, because the shopping cart data
that the customer generates while shopping on your public (http) server must
also be accessible by the uStorekeeper scripts on your secure (https) server,
your public server and your secure server must physically be the same
server. (This is typically the case.)
Note that if you will be using Authorize.Net to process the customer's payment
information, then the secure server requirement can be waived. This is because
the customer will be transferred to Authorize.Net's secure server when entering
the payment information. The payment information will stay on Authorize.Net's
secure server and only a transaction approved/denied indicator is sent back to
the storeowner's server.
3. Configuring uStorekeeper For Secure Transactions
See the uStorekeeper User's Guide for information about configuring the
uStorekeeper CGI Scripts. Note that the following configuration questions
should refer to the URL of your secure server (beginning with https):
Question #3 ($secure_domain), Question #5 ($secure_runtime_script_url),
Question #7 ($secure_manager_script_url),
Question #9 ($secure_affiliate_script_url), and Question #11 ($secure_image_url).
4. The "data" Directory On Your Secure Server
As described in the installation section of the uStorekeeper User's Guide,
you need to create a "data" directory on your secure server. This directory is where
the order files will be stored on your server, so the ustorekeeper.pl script must have
permission to read/write to that directory. The trick is that while the directory must
be readable/writable by the ustorekeeper CGI script, this directory must not have
permissions set so that any website visitor can view the contents of your data directory.
That is, it is very important that your data directory is not viewable by regular
website visitors.
For UNIX servers, the ideal permissions on this directory are 700, which indicates that
only the owner has read/write/execute permissions. However, depending on how your server
is set up, CGI scripts when executed from the web may run as 'nobody' or 'www'. In this
case, you may have to increase the permissions on the data directory to 755 or even 777.
For NT servers, the directory needs to have read/write permissions. You may have to ask
your web hosting provider to give that directory those permissions because regular FTP
programs can't change the permissions of directories on NT servers.
In any case, the thing to remember is that your data directory must not be
viewable by regular website visitors. To test this out, try going to the URL of your
data directory, such as the data directory on our website:
http://www.uburst.com/cgi-bin/ustorekeeper/data/
You should get some sort of "permission denied" message. If instead you are permitted
to see a listing of your data directory, then contact your web hosting provider to get
your account set up so that your cgi-bin is not viewable by website visitors. Your web
hosting provider should know how to do this.
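
The two checks described in this section, the permission bits on the data
directory and what a visitor receives at its URL, as an added example that is not
part of uStorekeeper or of the original page. The function names and the
directory-listing markers are assumptions made for illustration; check_url takes
the data directory URL of your own store.

```python
import os
import stat
import tempfile
import urllib.error
import urllib.request

# Assumed markers: text that common web servers put in auto-generated listings.
LISTING_MARKERS = ("index of /", "directory listing for", "[to parent directory]")

def audit_mode(path):
    """Return (octal mode, findings) for the data directory's UNIX permission bits."""
    mode = stat.S_IMODE(os.stat(path).st_mode)
    findings = []
    if mode & stat.S_IWOTH:           # e.g. 777: any local account can add or delete files
        findings.append("world-writable")
    if mode & (stat.S_IROTH | stat.S_IXOTH):   # e.g. 755: any local account can list/enter
        findings.append("world-readable/searchable")
    if mode & stat.S_IRWXG:
        findings.append("group-accessible")
    return oct(mode), findings

def classify_response(status, body):
    """Classify what a website visitor gets when requesting the data directory URL."""
    if status in (401, 403):
        return "denied"               # the "permission denied" outcome the page asks for
    if status == 200 and any(m in body.lower() for m in LISTING_MARKERS):
        return "listing-exposed"      # contact the hosting provider, as described above
    if status == 200:
        return "served-content"       # not a listing, but something is readable: review it
    return "other"                    # 404, redirects, 5xx: inspect manually

def check_url(url, timeout=10):
    """Fetch the data directory URL and classify the result."""
    try:
        with urllib.request.urlopen(url, timeout=timeout) as resp:
            return classify_response(resp.status, resp.read(65536).decode("latin-1"))
    except urllib.error.HTTPError as err:
        return classify_response(err.code, "")

if __name__ == "__main__":
    # Constructed demo: a temporary directory stands in for the real data directory.
    with tempfile.TemporaryDirectory() as demo:
        for bits in (0o700, 0o755, 0o777):
            os.chmod(demo, bits)
            print(audit_mode(demo))
    print(classify_response(403, "Forbidden"))
    print(classify_response(200, "<title>Index of /cgi-bin/ustorekeeper/data</title>"))
```

A mode of 755 or 777 does not by itself make the directory visible over the web,
but it does let other accounts on a shared server reach the order files, so both
checks are worth running.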