[bigredseo]

Jarron, what a wealth of information and questions! Great job documenting it all. I really think that these questions deserve their own thread rather than getting burried here in this PCI thread. Can forum admins move these to another NEW thread so we can follow along on this?

From a web hosts standpoint, we are seeing MOST people who install X-Cart using the 4.3 branch and really we're not seeing any complaints from users on it. I don't know if it's "stable" by forum standards, but definitely from our end we're not seeing half the questions or problems that people ran into in the 4.0 and 4.1 versions. It seems to play rather nice on the server from our end.

One question I wanted to throw in here was in regards to the F.2-2 part (using X-Payments on a 2nd server). Can someone clarify if this just means hosting it on an alternate SHARED account with a dedicated IP number, or if it requires it's own environment (VPS or Dedicated Server)? Even if it needed it's own Dedicated IP number that will mean TWO SSL certificates needed by store owners - one for their site (customer logins etc) and one for the Payment section which would be on a separate server/domain. So my question is does having X-Payments on a separate shared hosting account that ONLY runs X-payments satisfy PCI, or does it need to be on a VPS/Dedicated Server?