
Can shopping carts be safely implemented on shared hosting?



What are some of the best practices, limitations, and concerns when implementing shopping carts on shared hosting?


Solution

  • Can shopping carts be safely implemented on shared hosting?

    I think the short answer is:

    YES

    although, to be honest, there is NO such thing as truly safe. When you do bank transactions there is even a risk (very small). Or if you fly on a plane there is a probability it can crash. But the odds are going to be extremely small if you do it correctly. Also, if you use a solid payment gateway, your transactions are going to be refunded if there was some sort of problem.

    I think it can be if:

    • I think this is the most important part: you trust (know they care about security) your shared hosting. I, for example, would trust Google's App Engine to be safe and recommend using it.
    • Use SSL to make sure your HTTP connection is safe. Google's App Engine also has you covered. But there are more shared hosting providers who offer SSL.
    • You don't do the payment yourself, but use a proper payment gateway like, for example, PayPal.
    • Don't store the passwords in your database, but use federated login like, for example, OpenID (LightOpenID is a very easy library), Facebook Connect, Twitter single sign-in, etc.
    • Have CSRF protection in place.
    • Have XSS protection in place. On PHP, make sure filter has been configured properly.
    • Have measures against SQL injection. I would advise using PDO.
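
The last three points of the answer, put together in one cart handler. This is an added example, not code from the original answer: the function names, the `products`/`cart` tables and the in-memory SQLite database (which assumes `pdo_sqlite` is enabled) are constructed for illustration.

```php
<?php
declare(strict_types=1);

// CSRF: one random token per session, compared in constant time.
function csrf_token(array &$session): string {
    if (empty($session['csrf'])) {
        $session['csrf'] = bin2hex(random_bytes(32));
    }
    return $session['csrf'];
}

function csrf_valid(array $session, array $post): bool {
    return isset($session['csrf'], $post['csrf'])
        && is_string($post['csrf'])
        && hash_equals($session['csrf'], $post['csrf']);
}

// Validate input with the filter extension, then use PDO prepared statements.
function add_to_cart(PDO $db, array $session, array $post): string {
    if (!csrf_valid($session, $post)) {
        return 'rejected: bad CSRF token';
    }
    $id  = filter_var($post['product_id'] ?? null, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    $qty = filter_var($post['qty'] ?? null, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1, 'max_range' => 99]]);
    if ($id === false || $qty === false) {
        return 'rejected: invalid input';
    }
    $stmt = $db->prepare('SELECT name FROM products WHERE id = :id');
    $stmt->execute([':id' => $id]);
    $name = $stmt->fetchColumn();
    if ($name === false) {
        return 'rejected: unknown product';
    }
    $ins = $db->prepare('INSERT INTO cart (product_id, qty) VALUES (:id, :qty)');
    $ins->execute([':id' => $id, ':qty' => $qty]);
    // XSS: escape stored data at output time, not only on input.
    return 'added: ' . htmlspecialchars((string)$name, ENT_QUOTES, 'UTF-8') . " x$qty";
}

// Constructed demo data; the product name contains markup on purpose.
$db = new PDO('sqlite::memory:', null, null, [PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION]);
$db->exec('CREATE TABLE products (id INTEGER PRIMARY KEY, name TEXT)');
$db->exec('CREATE TABLE cart (product_id INTEGER, qty INTEGER)');
$db->prepare('INSERT INTO products (name) VALUES (?)')->execute(['<b>Mug</b>']);
$session = [];
$token = csrf_token($session);
echo add_to_cart($db, $session, ['csrf' => $token, 'product_id' => '1', 'qty' => '2']), "\n";
echo add_to_cart($db, $session, ['csrf' => 'wrong', 'product_id' => '1', 'qty' => '2']), "\n";
echo add_to_cart($db, $session, ['csrf' => $token, 'product_id' => '1 OR 1=1', 'qty' => '2']), "\n";
```

In a real application `$session` and `$post` would be `$_SESSION` and `$_POST`, and the token from `csrf_token()` would be emitted as a hidden field in every cart form.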