Payment is very sensitive stuff, it is vital for business. Please please please make sure you have security implementation.
In this guide, we’ll share some good security measures for your Website and REST API.
HTTPS & SSL
Let’s face it. The internet is moving towards HTTPS. So should your website.
For more information, please read this guide.
.htaccess & Limited Login Attempts
Having .htaccess & Limited Login Attemps can protect your website against various attacks, such as DDOS, Brute Force, and more.
Our team uses BPS Security for this purpose. For more information, please visit BPS Security.
Firewall & Virus Scan
Regularly scan your website for vulnarabilities is a good thing.
Our team uses Wordfence for this purpose. For more information, please visit Wordfence.
REST API Security
In additional to HTTPS & SSL, you should also consider authenticating your REST API Requests.
Authentication tells you exactly Who is doing what. In sensitive activities, this can be extremely useful.
For more information, please see Authentication.