Mi name is Jose and I work for a payment gateway for e-commerce in Europe.
I saw in this Forum that many of you had problems with your Payment Gateway.
I would like to open this area to share your problems and help you to solve it.
Thank you so much.
I am creating an API gateway (Jwt based) to protect my microservices APIs. I was thinking in order to enhance security at authorization i could implement Oauth2 protocol at the gateway level. Is that a good idea and why?
Say I have a gateway which provides authorization mechanisms by validating a JWT, behind an api-gateway there are different micro-services but only the gateway port is public. As a software designer you decide to make all micro services unaware of authorization-related operations to remove code duplication and minimize the affected components when a security related change is needed. That is, all of the micro services would not contain any validation of the JWT.
How is it possible to prevent a horizontal privilege escalation when there’s a valid JWT but the attempted operation does not pertain to the current user? such as updating the user profile of a different person, keep in mind the api should not require to read the and compare the subject or issuer of a JWT to the user profile being updated, Is it even possible to achieve this?
Hoping one of you out there can offer suggestions or at least tell me I’m not alone. Our WP site has had a random 502 Bad Gateway problem for few days now – happens once every few page loads. I’ve been down the server-side troubleshooting list (with help of Bluehost) and the my-side list (disabling all plugins, updating theme, latest PHP..) – everything on the site is up to date, and 2 bad plug-ins were removed.
Some online articles tell me if this happens once every few loads it’s a server-side problem. The hosting company assures me it is a problem with the ‘optimization of website or database’ – whatever that great expanse of possibilities entails.
I’m running out of questions to ask – I just want my site to load each time somebody visits. Can anybody help?
Many payment gateways, like PayPal and Stripe, offer a client side
Form where you input the sale data (price, amount, buyer address, etc), and it’s being sent to the gateway (e.g PayPal) from the client side.
But, at this point when i fill the form using
I know things has to be validated on my server, but validation means that the server is sending back to client a response saying this price is good or not good, but this respond can also be manipulated.
So how is it that companies allow client side payment anyway using a form ? How/where the actual sale data is being passed to the payment gateway ? client? server?
please suggest some, Thanks.
We have a web server behind an AWS Load Balancer. We’d like to block any host from accessing our web server if they are connecting from a Consumer VPN style network. We’ll also be doing some geo-location blocking too which we can do with AWS WAF.
For blocking Consumer VPN networks, does anyone know the easiest/fastest way to obtain a listing of CIDR blocks registered to Consumer VPN companies? I have a list of IPs that I can do a WHOIS on and find the registered block, but that wouldn’t give me all of the networks out there. I’d have to do quite a bit of WHOIS searching and guessing to build it manually. If there’s a resource out there that could help me with this endeavor that’d be great.
MERCHANT SERVICES for C
Accept cryptocurrency payments from all over the world
Accept Bitcoin and other cryptocurrencies, gain new customers, and avoid the cost of high fees and chargebacks.
ExoCrow makes accepting blockchain payments fast and reliable. To get started, sign up for an ExoCrow account.
With blockchain payments, there's no sensitive customer information to collect and store, and there are no cards to charge. Customers simply send cryptocurrencies (like Bitcoin, Ether, or…
ExoCrow – payment gateway for crypto, merchant accounts
I tried to use nmap in my computer and saw that nmap cant find nothing for my local computer ip(even that HTTPS absolutely open).
But when I tried to scan nmap with range of IP’s I saw that the only open port’s nmap found was on the default gateway ip.
Why is that?(cant find nothing on the web).
edit: I have been asked to give exampale.
so lets say my default getway(router) ip its 188.8.131.52 and my first computer local ip is 184.108.40.206 and my second computer loacl ip is 220.127.116.11
when I try nmap(with different parameters) on 18.104.22.168 or 22.214.171.124 I dont getting any open port(“all 1000 ports are closed”)
but when I try nmap on 126.96.36.199 I am getting 12 open ports(that I belive open on my first or second computer).
I'm considering using the comgate payment system. Does anyone here have any experience with this company and could offer any advice or insight? I will be accepting payments in czech koruna and euro.