Book Image

Magento Extensions Development

By : Bouchet
Book Image

Magento Extensions Development

By: Bouchet

Overview of this book

Magento has been revealed as the best and the most popular open source e-commerce platform in the world, with about 250k+ online stores. Magento 2 is the most recent version of this awesome toolset: every new and modern development techniques are used to offer a real modular approach and powerful architecture. The book will support you in the writing of innovative and complex extensions. Starting from the beginning, we will cover how to set up a development environment that allows you to be really efficient in your functionality writing, including GIT registering and many other development tools. We then move on to provide a large overview of the best practices to scale your module in a high-load environment. After these foundations, you will see how to use test driven-development (TDD) and unit tests to handle your code. We then build a complex extension together, step by step, and internationally-ready. Next, you will find out how to protect the users’ data. Finally, we will take a look a publishing the extension on the new Magento Connect marketplace and how to protect your intellectual property. After you read this book, you will know everything you need to know to become an invaluable extension editor, whether it is for your customers’ needs or for your own requirements.
Table of Contents (11 chapters)
10
Index

The Payment Card Industry Data Security Standard


The Payment Card Industry Data Security Standard (PCI DSS) is a set of requirements designed to ensure that all companies that process, store, or transmit credit card information maintain a secure environment.

It specifies 12 requirements for compliance organized into six logically related groups called "control objectives". They are as follows:

  • Build and maintain a secure network:

    • Install and maintain a firewall configuration to protect cardholder data

    • Do not use vendor-supplied defaults for system passwords and other security parameters

  • Protect cardholder data:

    • Protect stored cardholder data

    • Encrypt transmission of cardholder data across open, public networks

  • Maintain a vulnerability management program:

    • Use and regularly update antivirus software on all systems commonly affected by malware

    • Develop and maintain secure systems and applications

  • Implement strong access control measures:

    • Restrict access to cardholder data by business need-to-know

    • Assign a...