Security
Security is a critical factor for any web site, and especially so for an online store.
Kartris is designed from the ground up to provide a secure platform for ecommerce, and includes a number of protections that many systems lack:
- all database operations are carried out via parameterized stored procedures, which defeats SQL injection (still one of the most common and most dangerous web application vulnerabilities), provided the procedures themselves do not assemble dynamic SQL from their inputs
- password hashing - user account passwords are stored as one-way hashes rather than in plain text, so they cannot simply be read out of the database
- support for restricting the admin area to specified IP addresses
- full SSL/TLS support (requires a certificate for your site) - when turned on it protects the back end, checkout, customer login and every page viewed by a logged-in customer
- cookie and viewstate encryption - without it, viewstate is readable and can be tampered with, and viewstate tampering has been used for XSS attacks
Set up appropriately, Kartris can form part of a PCI DSS compliant installation; compliance is assessed against the whole deployment (hosting, configuration, payment handling and operating procedures), not against the software on its own.
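The first two items in the list above, parameterized queries and password hashing, are where most of the protection comes from, so here is a small worked illustration of both. This is an added example written for this page, not Kartris code: it uses Python's sqlite3 in place of SQL Server stored procedures, and the table name, column names, sample accounts and PBKDF2 work factor are all constructed for the demonstration.

```python
import hashlib
import hmac
import os
import sqlite3
from typing import List, Optional

# PBKDF2-HMAC-SHA256 work factor (assumed value chosen for this demo; raise it as hardware allows)
PBKDF2_ITERATIONS = 600_000


def hash_password(password: str, salt: Optional[bytes] = None) -> str:
    """Return a self-describing salted hash: algorithm$iterations$salt$digest (salt and digest in hex)."""
    if salt is None:
        salt = os.urandom(16)  # fresh random salt for every password
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, PBKDF2_ITERATIONS)
    return f"pbkdf2_sha256${PBKDF2_ITERATIONS}${salt.hex()}${digest.hex()}"


def verify_password(stored: str, candidate: str) -> bool:
    """Re-derive the hash with the stored salt and work factor, then compare in constant time."""
    try:
        algo, iterations, salt_hex, digest_hex = stored.split("$")
    except ValueError:
        return False  # not a value this code produced
    if algo != "pbkdf2_sha256":
        return False
    digest = hashlib.pbkdf2_hmac(
        "sha256", candidate.encode("utf-8"), bytes.fromhex(salt_hex), int(iterations)
    )
    return hmac.compare_digest(digest.hex(), digest_hex)


def build_demo_db() -> sqlite3.Connection:
    """In-memory user table with constructed sample accounts (not the real Kartris schema)."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE tblUsers (U_ID INTEGER PRIMARY KEY, U_Email TEXT UNIQUE, U_Password TEXT)"
    )
    for email, password in [("alice@example.com", "correct horse"), ("bob@example.com", "hunter2")]:
        conn.execute(
            "INSERT INTO tblUsers (U_Email, U_Password) VALUES (?, ?)",
            (email, hash_password(password)),
        )
    conn.commit()
    return conn


def find_user_vulnerable(conn: sqlite3.Connection, email: str) -> List[str]:
    """Dynamic SQL: the caller's input is spliced into the statement text and can alter its logic."""
    sql = "SELECT U_Email FROM tblUsers WHERE U_Email = '" + email + "' ORDER BY U_ID"
    return [row[0] for row in conn.execute(sql)]


def find_user_safe(conn: sqlite3.Connection, email: str) -> List[str]:
    """Parameterized: the input is bound as a value and cannot change the query's structure."""
    sql = "SELECT U_Email FROM tblUsers WHERE U_Email = ? ORDER BY U_ID"
    return [row[0] for row in conn.execute(sql, (email,))]


def login(conn: sqlite3.Connection, email: str, password: str) -> bool:
    """Parameterized lookup followed by hash verification; no plain-text password is ever stored."""
    row = conn.execute("SELECT U_Password FROM tblUsers WHERE U_Email = ?", (email,)).fetchone()
    return row is not None and verify_password(row[0], password)


if __name__ == "__main__":
    db = build_demo_db()
    payload = "x' OR '1'='1"  # classic tautology injection
    print("dynamic SQL  :", find_user_vulnerable(db, payload))  # every account
    print("parameterized:", find_user_safe(db, payload))        # nothing
    print("login ok     :", login(db, "alice@example.com", "correct horse"))
```

With the payload `x' OR '1'='1`, the concatenated query becomes `WHERE U_Email = 'x' OR '1'='1'` and returns every account, while the bound parameter is compared literally against the column and matches nothing. A SQL Server stored procedure that builds its statement with string concatenation and `EXEC` is exactly as exposed as `find_user_vulnerable`; the protection comes from binding inputs as parameters, not from the procedure wrapper itself. On the hashing side, the per-password salt means two users with the same password get different stored values, and the work factor makes offline guessing against a stolen table expensive.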