For those who run an internet retailer, settle for funds by your web site, or deal with cardholder knowledge of any variety, you’ve virtually actually wrestled with PCI compliant internet hosting necessities. The questionnaires, the scan failures, the back-and-forth together with your cost processor. It’s lots to handle on prime of really operating a enterprise. We constructed our new PCI Compliant Internet hosting plans to take the infrastructure facet of that burden off your plate.
What PCI-DSS Truly Requires from Your Internet hosting
The Fee Card Trade Knowledge Safety Normal units technical and organizational necessities that any service provider dealing with card knowledge should meet. A giant chunk of these necessities come all the way down to your server setting: how visitors is encrypted, what ports are uncovered, whether or not your software program stays patched, how accounts keep remoted from each other, and whether or not a WAF filters malicious requests earlier than they attain your utility.
Most traditional shared internet hosting environments don’t meet these necessities out of the field. Retailers on common shared plans find yourself chasing down scan failures that their host both can’t repair or gained’t deal with shortly. Our PCI Compliant Internet hosting adjustments that equation by ranging from a correctly hardened baseline.
What We’ve Performed Below the Hood
Each PCI Compliant Internet hosting account runs in its personal remoted container by way of CloudLinux’s LVE (Light-weight Digital Surroundings) system. This isolation isn’t simply good for compliance. It provides you assured CPU, reminiscence, and I/O sources that no different account on the server can contact. No noisy neighbors, no shared danger.
Our workforce configures the servers to PCI DSS requirements on the community and OS stage from the bottom up. We disable weak SSL/TLS protocols and cipher suites, leaving TLS 1.2 and TLS 1.3 enforced throughout the board. We shut pointless ports. ModSecurity WAF runs on each plan, filtering visitors earlier than it reaches your account. Our workforce handles OS and software program patching, so that you don’t have to trace it your self.
Each account comes with a devoted IPv4 deal with and free SSL certificates, accurately configured from day one. Our workforce runs automated every day backups and retains them on retention. You get full SSH entry and the entire cPanel management panel to handle your web site, e-mail, and databases by a well-recognized interface.
An Vital Clarification About PCI Compliance
PCI Compliant Internet hosting covers the internet hosting portion of your compliance image. Full PCI compliance additionally relies on your utility code, how your software program handles and shops cardholder knowledge, and your inner enterprise processes. These areas keep the service provider’s duty.
The server setting passes the technical scans that Authorised Scanning Distributors (ASVs) run. You continue to must run quarterly exterior vulnerability scans by an ASV and full your annual Self-Evaluation Questionnaire. That paperwork doesn’t go away. However if you run these scans on a KnownHost PCI Internet hosting account, the server comes again clear. If a scan flags one thing on the server facet, open a ticket with the scan report hooked up and our workforce will deal with it.
We monitor adjustments to the PCI-DSS commonplace as new variations roll out and replace our hardening configurations to match.
Compliance Shouldn’t Value a Fortune
We provide three tiers, all accessible throughout our Atlanta, Seattle, and Amsterdam knowledge facilities.
The Entry PCI Internet hosting plan begins at $24.95/month. It contains 2 CPU cores, 2 GB of reminiscence, and 50 GB of NVMe storage, and handles as much as 100,000 visits per 30 days. It’s the suitable start line for smaller storefronts that want a compliant setting with out paying for capability they don’t use.
The Enterprise PCI Internet hosting plan runs $34.95/month and steps as much as 4 cores, 4 GB of reminiscence, and 100 GB of NVMe storage, with room for as much as 200,000 month-to-month visits. We suggest this one for many rising e-commerce operations.
The Company PCI Internet hosting plan at $79.95/month delivers 6 cores, 6 GB of reminiscence, 150 GB of NVMe storage, and handles as much as 500,000 month-to-month visits for higher-traffic websites.
All three plans run on LiteSpeed net server with NVMe-backed storage. They embrace Imunify360 for real-time malware and intrusion safety, Redis and Memcache object caching, and our full 24/7/365 help workforce.
If your enterprise has grown past shared internet hosting or wants extra management over the setting, our managed VPS and devoted server plans may also meet or exceed PCI DSS necessities. Attain out to our workforce and we’ll assist you to discover the suitable match to your dimension and visitors.
Already Internet hosting Someplace Else?
For those who’re switching to KnownHost for compliance causes (or another cause), our workforce handles the total migration for you, together with recordsdata, databases, and e-mail, at no extra cost. Your web site stays dwell in the course of the transfer, and we check every thing after so that you’re able to run scans from day one.
To get began, go to https://www.knownhost.com/pci-compliant-hosting . When you have questions on whether or not our PCI Internet hosting setting suits your particular state of affairs, attain out to our workforce and we’ll stroll you thru it.
