Security Issues and WebCommerce Solution

This WebDNA talk-list message is from

1997


It keeps the original formatting.
numero = 11063
interpreted = N
texte = There are some questions about how to set up a secure set of servers in a WebCommerce Solution environment, so I'll start giving you some of our security model here. Yes, we really do spend a lot of time thinking about (and solving) these issues.1) To prevent bad people from getting your credit card via URL, store critical files outside WebSTAR's folder hierarchy. Thus there is no possible URL that can reach the files.1a) Our full WebCommerce Solution (WebCatalog+WebMerchant) addresses this by giving WebMerchant a preference for where it should save completed order files. This can be any folder on any hard disk, presumably outside WebSTAR's folder.1b) WebCatalog2 alone does many things to prevent remote viewing of files -- its default file type for shopping cart files is WWW‡, which WebSTAR refuses to ever serve up. You can store all your credit cards, mother's maiden name, bank records, and passwords in such a file and no one will ever be able to remotely see it. Even SiteEdit Pro won't view it if you have the permissions set right.1c) For WebCat2 we purposely ADDED the ability to view orders (with credit card numbers) remotely. Why? So vendors can receive a short email saying someone just bought. view the full order and card# at this URL, but no credit card number is in the email itself. How is it safe? The URL leads to a password-protected template (using [protect]) that displays the order contents. You access that URL via https. Yes, it's true you can access that URL via plain http (because it's on the same box), but we obviously don't recommend you do that (with convenience comes responsibility). And any bad guys who want to steal credit card numbers must know the full order# (cart), and they must know the password to the template.2) Run WebMerchant on a separate machine from WebCatalog. It's designed to process orders that are sitting in its orders folder, and then move them to another folder when it's done. So for the 10-15 seconds that the file is sitting in that folder, I suppose you MIGHT be able to create a URL to it, but since it's got the WWW‡ file type, WebSTAR still won't serve it up. And WebCatalog can't be coached into serving it up either (via $ShowPage), because it doesn't have in it either.I hope this helps. If you find actual security holes (meaning you've actually been able to get sensitive information without needing passwords, and it's not just a 'thought experiment'), then please email us privately so we can plug those holes. No one has ever been able to crack a Mac, http://hacke.infinit.se/indexeng.html and we'd like to keep it that way!Grant Hulbert, V.P. Engineering | ===== Tools for WebWarriors ===== Pacific Coast Software | WebCatalog Pro, WebCommerce Solution 11770 Bernardo Plaza Court, #453 | SiteEdit Pro, SiteCheck, PhotoMaster San Diego, CA 92128 | SiteGuard 619/675-1106 Fax: 619/675-0372 | http://www.smithmicro.com Associated Messages, from the most recent to the oldest:

    
  1. Security Issues and WebCommerce Solution (Grant Hulbert 1997)
There are some questions about how to set up a secure set of servers in a WebCommerce Solution environment, so I'll start giving you some of our security model here. Yes, we really do spend a lot of time thinking about (and solving) these issues.1) To prevent bad people from getting your credit card via URL, store critical files outside WebSTAR's folder hierarchy. Thus there is no possible URL that can reach the files.1a) Our full WebCommerce Solution (WebCatalog+WebMerchant) addresses this by giving WebMerchant a preference for where it should save completed order files. This can be any folder on any hard disk, presumably outside WebSTAR's folder.1b) WebCatalog2 alone does many things to prevent remote viewing of files -- its default file type for shopping cart files is WWW‡, which WebSTAR refuses to ever serve up. You can store all your credit cards, mother's maiden name, bank records, and passwords in such a file and no one will ever be able to remotely see it. Even SiteEdit Pro won't view it if you have the permissions set right.1c) For WebCat2 we purposely ADDED the ability to view orders (with credit card numbers) remotely. Why? So vendors can receive a short email saying someone just bought. view the full order and card# at this URL, but no credit card number is in the email itself. How is it safe? The URL leads to a password-protected template (using [protect]) that displays the order contents. You access that URL via https. Yes, it's true you can access that URL via plain http (because it's on the same box), but we obviously don't recommend you do that (with convenience comes responsibility). And any bad guys who want to steal credit card numbers must know the full order# (cart), and they must know the password to the template.2) Run WebMerchant on a separate machine from WebCatalog. It's designed to process orders that are sitting in its orders folder, and then move them to another folder when it's done. So for the 10-15 seconds that the file is sitting in that folder, I suppose you MIGHT be able to create a URL to it, but since it's got the WWW‡ file type, WebSTAR still won't serve it up. And WebCatalog can't be coached into serving it up either (via $ShowPage), because it doesn't have in it either.I hope this helps. If you find actual security holes (meaning you've actually been able to get sensitive information without needing passwords, and it's not just a 'thought experiment'), then please email us privately so we can plug those holes. No one has ever been able to crack a Mac, http://hacke.infinit.se/indexeng.html and we'd like to keep it that way!Grant Hulbert, V.P. Engineering | ===== Tools for WebWarriors ===== Pacific Coast Software | WebCatalog Pro, WebCommerce Solution 11770 Bernardo Plaza Court, #453 | SiteEdit Pro, SiteCheck, PhotoMaster San Diego, CA 92128 | SiteGuard 619/675-1106 Fax: 619/675-0372 | http://www.smithmicro.com Grant Hulbert

DOWNLOAD WEBDNA NOW!

Top Articles:

Talk List

The WebDNA community talk-list is the best place to get some help: several hundred extremely proficient programmers with an excellent knowledge of WebDNA and an excellent spirit will deliver all the tips and tricks you can imagine...

Related Readings:

SQLCONNECT (2005) Shipping Calculation Problem (1997) Random Image (1998) Webstar 4.2 Stops Serving (2000) FORMS: Returning a specific page (1997) WebDNA 4.5 & iTools 7 (2003) using showpage and showcart commands (1996) Locking up with WebCatalog... (1997) Suffix Mapping (1997) OS X, Communigate Pro & Line Breaks (2003) Trouble with carts (2000) Not really WebCat- (1997) different show next (1997) Listing parameters passed into a [function] (2003) Separate SSL Server (1997) [quantity] within formulas (1997) encryption madness (2003) [include ...] behavior (1997) Mac carriage returns (2004) BBEdit WedDNA Codeless Language Module (2004)