Payment processor is robbing me of $50 every month because their PCI compliance scan fails for my shopify store...
they say my website doesnt have "Strict Transport Security" enabled in my X-frame? Server is not support HSTS.
any help? i spoke with them and they said shopify had to help me fix it....but you cant contact shopify support so....
what a racket
It sounds like they are running an ASV scan against your store. Depending on the ASV company they use, the results are always different.
If the scan fails because of not enforcing Strict Transport Security on the following TCP ports:
These ports are not in scope. These ports are unused and terminated at Cloudflare where the offending content is found. These ports are not related to the storage, processing, or transmission of cardholder data.