Announcement

Collapse
No announcement yet.

UseCookies=0?? Empressa mivavm.conf file

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

    UseCookies=0?? Empressa mivavm.conf file

    The instructions in the readme docs say to include the following line in the mivavm.conf file:

    usecookies=0

    When I asked a questions about removing it a few years back (https://www.miva.com/forums/forum/de...-empressa-5-23) I was told it could be in there if there were problems with a PCI scanner failing. I never intentionally put this in there - I only added it because it was in the installation documentation.

    I need to remove it because it is creating a problem with the callerid function.

    Is there some reason I should not remove it? Is there any way to test to make sure it doesn't cause a problem with a PCI scanner?
    ---------------------------------
    Robin McDermott, CQE
    Director of Training
    QualityTrainingPortal.com

    #2
    Having it there will often cause issues with PCI scanners because they have an expectation that a session ID will differ between insecure and secure connections, and do not know, or care, that the payment application is not using that value regardless. Miva Merchant does not make use of the session cookie Empresa will set, so from a Miva Merchant perspective, there will be no difference in behavior whether that directive is present or not.
    David Hubbard
    CIO
    Miva
    [email protected]
    http://www.miva.com

    Comment


      #3
      Great. Thanks for the explanation! It is interesting that the installation instructions have this as something that should be in the conf file.
      ---------------------------------
      Robin McDermott, CQE
      Director of Training
      QualityTrainingPortal.com

      Comment


        #4
        For Miva Merchant users, it's fine to have it by default given it can avoid PCI scan false positives, and Miva Merchant is what 99% of Empresa installations are for. The documentation is likely written from that perspective.
        David Hubbard
        CIO
        Miva
        [email protected]
        http://www.miva.com

        Comment

        Working...
        X