Are 20i PCI compliant?
20i maintains PCI-compliant certification for handling our own transactions. In addition to this, our hosting infrastructure is located within PCI-compliant data centres that consistently pass PCI vulnerability scans. We follow PCI best practices, ensuring our web servers meet all necessary standards to maintain a secure and compliant environment.
How to Perform PCI Scans for Your Website
When performing PCI compliance scans, it is essential to scan your website’s domain name - not the IP address.
- Scanning the IP address will target 20i’s load balancers instead of your actual website, which will result in scan failures.
- Scanning the domain name ensures the check is run correctly against the live site itself.
Best Practices for Website PCI Compliance
- Use a valid and up-to-date SSL certificate to secure data in transit.
- Keep your site running on an up-to-date version of PHP.
- Ensure all website software (CMS, plugins, themes, etc.) is fully updated and uncompromised.