Designing a site for a professional association

Discussion in 'HTML' started by Luvin lunch, Sep 14, 2008.

  1. Luvin lunch

    Luvin lunch Guest

    Hi,

    I've been asked to look after the website for a very new professional
    association for my profession. At the moment we have a whopping 50
    members! We do however, hope to increase the membership. So we plan
    on having online registration of members and in order to register
    you'll have to pay. My first instinct is to go with Pay Pal because I
    know it but other people are talking about PCI DSS compliance. I
    googled this compliance and it appears to just be secure procedures
    and processes to which a site must comply to avoid data being stolen.
    Would Pay Pal or one of its competitors not do this? Is Pay Pal the
    best route do you think?

    We also want our content to be managed ie uploaded by non-technical
    administrators and to be able to send group emails and bulletin
    newsletters. I've been looking at how to do that. yourmembership.com
    looks alright but it's too pricey for us. Would someone have an idea
    on the best way to set up our site so we can manage communication from
    it easily?

    The last time I did any development was back on asp 1.0 and it was for
    a web based application, not an actual website. It's not my intention
    to do the development, I'm just facilitating it. I would really
    appreciate some guidance on how to set the payments and the website
    itself up.

    Thanks

    LL
    Luvin lunch, Sep 14, 2008
    #1
    1. Advertising

  2. Luvin lunch wrote:
    > Hi,
    >
    > I've been asked to look after the website for a very new professional
    > association for my profession. At the moment we have a whopping 50
    > members! We do however, hope to increase the membership. So we plan
    > on having online registration of members and in order to register
    > you'll have to pay. My first instinct is to go with Pay Pal because I
    > know it but other people are talking about PCI DSS compliance. I
    > googled this compliance and it appears to just be secure procedures
    > and processes to which a site must comply to avoid data being stolen.
    > Would Pay Pal or one of its competitors not do this? Is Pay Pal the
    > best route do you think?
    >


    Going though through process myself having had a commercial site for 10
    years. My site and practices are compliant but the shared web hosting
    server is not. I have not found a single shared web hosting server that
    will pass. I doubt their are any.

    Other options are dedicated server ($$$$) or VPS virtual private server
    (a little more pricey than shared and my option) or lastly and probably
    best solution for most, a payment gateway like PayPal. If you use a
    payment gateway like PayPal the financials are handled on their server
    not yours so the PCI Compliance problem for the server is theirs not
    your's. (you still have to follow all the other aspects of the protocol
    on your end with respect to paper, and data...)

    HTH

    --
    Take care,

    Jonathan
    -------------------
    LITTLE WORKS STUDIO
    http://www.LittleWorksStudio.com
    Jonathan N. Little, Sep 14, 2008
    #2
    1. Advertising

  3. Luvin lunch

    Andy Dingley Guest

    On 14 Sep, 18:20, Luvin lunch <> wrote:

    > My first instinct is to go with Pay Pal because I
    > know it but other people are talking about PCI DSS compliance.  


    You shouldn't need to worry about PCI DSS. If you did _need_ to worry
    about this, then it doesn't sound like you're currently in a position
    to actually achieve it in an appropriate way.

    If you use PayPal (or WorldPay, or ProTX, or many other payment
    gateways) then you _avoid_ the need to worry about PCI on your own
    site because they handle it all for you.

    It's worth reading the PCI docs just to be aware of them, but really
    they don't have much detail in them at all (in terms of technical
    implementation). Their guidance on what you MUST NOT store is worth
    noting though (CVV2 etc.). In general though, a good browse through
    Ross Anderson's books, Bruce Schneier's blog and the general industry
    bablel about security best practices should give you a reasonable
    grounding. If you aren't sure you can do something entirely
    competently as yet (e.g. holding personal data), then best to avoid
    doing it until you can guarantee this.
    Andy Dingley, Sep 15, 2008
    #3
  4. On Sun, 14 Sep 2008 10:20:52 -0700 (PDT), Luvin lunch
    <> wrote:

    >Hi,
    >
    >I've been asked to look after the website for a very new professional
    >association for my profession. At the moment we have a whopping 50
    >members! We do however, hope to increase the membership. So we plan
    >on having online registration of members and in order to register
    >you'll have to pay. My first instinct is to go with Pay Pal because I
    >know it but other people are talking about PCI DSS compliance. I
    >googled this compliance and it appears to just be secure procedures
    >and processes to which a site must comply to avoid data being stolen.
    >Would Pay Pal or one of its competitors not do this? Is Pay Pal the
    >best route do you think?
    >
    >We also want our content to be managed ie uploaded by non-technical
    >administrators and to be able to send group emails and bulletin
    >newsletters. I've been looking at how to do that. yourmembership.com
    >looks alright but it's too pricey for us. Would someone have an idea
    >on the best way to set up our site so we can manage communication from
    >it easily?
    >
    >The last time I did any development was back on asp 1.0 and it was for
    >a web based application, not an actual website. It's not my intention
    >to do the development, I'm just facilitating it. I would really
    >appreciate some guidance on how to set the payments and the website
    >itself up.
    >
    >Thanks
    >
    >LL



    Paypal ask and take extra money for him on the first payment .....i
    think that is an abnormal practice...
    Raymond SCHMIT, Sep 15, 2008
    #4
  5. Luvin lunch wrote:
    > Hi,
    >
    > I've been asked to look after the website for a very new professional
    > association for my profession. At the moment we have a whopping 50
    > members! We do however, hope to increase the membership. So we plan
    > on having online registration of members and in order to register
    > you'll have to pay. My first instinct is to go with Pay Pal because I
    > know it but other people are talking about PCI DSS compliance. I
    > googled this compliance and it appears to just be secure procedures
    > and processes to which a site must comply to avoid data being stolen.
    > Would Pay Pal or one of its competitors not do this? Is Pay Pal the
    > best route do you think?


    Google: "pci dss" paypal

    First result:

    https://www.paypal.com/pcicompliance
    Harlan Messinger, Sep 16, 2008
    #5
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. dinesh prasad
    Replies:
    0
    Views:
    450
    dinesh prasad
    Oct 19, 2003
  2. Lee Hirt

    Professional Web Site Services

    Lee Hirt, Oct 1, 2003, in forum: HTML
    Replies:
    32
    Views:
    1,064
    TresWBL
    Oct 14, 2003
  3. red_dragon2983
    Replies:
    25
    Views:
    663
    Nick Theodorakis
    Mar 25, 2006
  4. Replies:
    1
    Views:
    350
    Beauregard T. Shagnasty
    Jun 13, 2006
  5. Cerebrums Software Solutions

    Professional web site design and domain for $99 only

    Cerebrums Software Solutions, Oct 3, 2009, in forum: ASP .Net
    Replies:
    0
    Views:
    450
    Cerebrums Software Solutions
    Oct 3, 2009
Loading...

Share This Page