The Payment Card Industry Data Security Standard (PCI DSS) is an information security standard for organisations that handle certain branded credit cards, such as Visa, MasterCard, and American Express.
The first stage of the PCI compliance application is for your site to be scanned by one of the companies involved. If your site is on one of our shared servers, you may find that the scan comes back as failed.
This is usually due to port 3306 being open. Since port 3306 is the default port for MySQL, we must keep this port open on our servers to allow remote connections to be completed.
Also, during the second stage of PCI compliance, you will be asked if you have control over who has access to your data. Since our staff would ultimately have access to all areas of a shared web server, your application would also fail at this point.
If you need to have PCI DSS compliance for your site, please consider upgrading to a VPS, Hybrid Server, or Dedicated Server, where you will have full control to close the ports and make changes necessary to pass the scan. You also have full control over who can access the server and who can not.
If you are using our own payment servers, we are fully PCI compliant.