locked
Trustwave Unable to Scan website to Validate for PCI Compliance RRS feed

  • Question

  • As of a month ago, Trustwave was able to scan my site and validate that it was PCI compliant. Now, the scan is unable to do so due to the following evidence:

    Port was open, but now it's closed

    Port 443/TCP

    Banner  Microsoft IIS/8.0

    Does anyone know why this would now be happening, and is there any course for remidiation?

     
    
    
    
    
    Tuesday, September 2, 2014 11:15 PM

Answers

  • Hi Avia,

    Would you be able to browse your website using DNS name to determine if you are able to connect to the website over SSL/HTTPS?
    If it does not work, the there might be an issue with the certificate installed.
    However, if it does work, then there is an issue only when Trustwave scans the website to check PCI compliance. In this case, as the issue is with Trustwave, you would have to contact them.

    Regards,
    Malar.

    • Proposed as answer by Susie Long Tuesday, September 9, 2014 4:05 PM
    • Marked as answer by Susie Long Thursday, September 11, 2014 2:00 PM
    Thursday, September 4, 2014 6:07 AM

All replies

  • Hi Avia,

    Would you be able to check if SSL is enable for your website?
    Your website might switch from HTTPS to HTTP if SSL is not enabled.
    You could in that case configure SSL by uploading a certificate.

    Please refer the link below for further details:

    http://azure.microsoft.com/blog/2013/12/13/securing-your-windows-azure-web-sites-waws-with-https-and-ssl/

    Regards,
    Malar.

    Wednesday, September 3, 2014 8:43 AM
  • Hi Malar,

    The SSL Cert is enabled....

    Wednesday, September 3, 2014 3:57 PM
  • Hi Avia,

    Would you be able to browse your website using DNS name to determine if you are able to connect to the website over SSL/HTTPS?
    If it does not work, the there might be an issue with the certificate installed.
    However, if it does work, then there is an issue only when Trustwave scans the website to check PCI compliance. In this case, as the issue is with Trustwave, you would have to contact them.

    Regards,
    Malar.

    • Proposed as answer by Susie Long Tuesday, September 9, 2014 4:05 PM
    • Marked as answer by Susie Long Thursday, September 11, 2014 2:00 PM
    Thursday, September 4, 2014 6:07 AM