Re: X-Cart and PCI-DSS / PA-DSS compliance
I'm not sure about virtual servers. I guess it is acceptable provided there are no ways for users and applications installed on one virtual server to affect users and applications installed on other ones. And I believe it is the way how X-Cart and X-Payments should be installed on the same server machine: each should be on its own virtual server.
As for smaller stores. Most of them will switch to payment gateways that collect credit cards from their websites, not from a merchant's website. There are many payment gateways offering such an integration method.
|