Closed raamdev closed 9 years ago
@jaswsinc Can can you confirm/deny that s2Member does not collect any billing information even in the log files? I seem to recall some information related to billing being logged when logging is enabled, but I don't believe that applies to things like billing addresses and credit card numbers; is that correct?
Is there any other information that you think would be useful in this KB article?
Can can you confirm/deny that s2Member does not collect any billing information
s2Member log files do contain personally identifiable information and even credit card numbers, expiration dates, CVV codes, API credentials, and more. We do our best to XXXX those out, but the purpose of log files is to gather information for the purpose of debugging the software or your own implementation.
We highly recommend that logging be disabled once your site goes live, and that you contact the NSA and have them permanently delete, destroy, and burn all drives that contained those log files in order to avoid the Hillary effect--which can come back to haunt you later.
Is there any other information that you think would be useful in this KB article?
Maybe some screenshots of the Log Viewer in s2Member.
Damn, this is really funny. But on a serious note, it's why I went with Stripe; no data to breach for me to get sued.
On August 13, 2015 9:07:56 PM JasWSInc notifications@github.com wrote:
Can can you confirm/deny that s2Member does not collect any billing information
s2Member log files do contain personally identifiable information and even credit card numbers, expiration dates, and CVV codes. We do our best to XXXX those out, but the purpose of log files is to gather information for the purpose of debugging the software or your own implementation.
We highly recommend that logging be disabled once your site goes live, and that you contact the NSA and have them permanently delete, destroy, and burn all drives that contained those log files in order to avoid the Hillary effect--which can come back to haunt you later.
Is there any other information that you think would be useful in this KB article?
Maybe some screenshots of Log Viewer in s2Member.
Reply to this email directly or view it on GitHub: https://github.com/websharks/s2member-kb/issues/256#issuecomment-130907961
@jaswsinc wrote: We highly recommend that logging be disabled once your site goes live, and that you contact the NSA and have them permanently delete, destroy, and burn all drives that contained those log files in order to avoid the Hillary effect--which can come back to haunt you later.
A log chipper works. ;)
A log chipper works. ;)
:smile: Good idea!
KB Article Creation Checklist
draft
and eitherquestions
ortutorials
draft
label, adddraft-finalized
label)draft-finalized
label, addpending
)pending
label, addpublished
label)Additional TODOs
Additional TODO list items go here.
KB Article Published @ s2member.com
:page_with_curl: See: Does s2Member store any billing information?
:octocat: View Markdown File | :pencil2: Edit Markdown File