Announcement
Collapse
No announcement yet.
UseCookies=0?? Empressa mivavm.conf file
Collapse
X
-
For Miva Merchant users, it's fine to have it by default given it can avoid PCI scan false positives, and Miva Merchant is what 99% of Empresa installations are for. The documentation is likely written from that perspective.
-
Great. Thanks for the explanation! It is interesting that the installation instructions have this as something that should be in the conf file.
Leave a comment:
-
Having it there will often cause issues with PCI scanners because they have an expectation that a session ID will differ between insecure and secure connections, and do not know, or care, that the payment application is not using that value regardless. Miva Merchant does not make use of the session cookie Empresa will set, so from a Miva Merchant perspective, there will be no difference in behavior whether that directive is present or not.
Leave a comment:
-
UseCookies=0?? Empressa mivavm.conf file
The instructions in the readme docs say to include the following line in the mivavm.conf file:
usecookies=0
When I asked a questions about removing it a few years back (https://www.miva.com/forums/forum/de...-empressa-5-23) I was told it could be in there if there were problems with a PCI scanner failing. I never intentionally put this in there - I only added it because it was in the installation documentation.
I need to remove it because it is creating a problem with the callerid function.
Is there some reason I should not remove it? Is there any way to test to make sure it doesn't cause a problem with a PCI scanner?Tags: None
Leave a comment: