PCI Compliance Failing Due to Shopify Port Open on Port 8443

MMarquardt
Visitor

Hi there, 

 

Looking for help with this PCI Compliance Issue I am receiving - here is what we are hearing from the company. Can you please share a response that would satisfy this request?

 

Thank you

 

It is currently failing due to the Shopify port open on port 8443. You would want to ask them for further information confirming that the port is not used for processing credit card information and therefore does not require HSTS headers.

 
Normally we would submit a false positive with their statement, but because this scan does not affect your PCI compliance status that false positive would not be necessary. In the future, when the scan is required, that would be the resolution for that scan result.
 
Because currently you are on PCI Type A 3.2.1, which does not require vulnerability scans. When the update to PCI Type A 4.0 occurs, those scans would then become necessary for compliance.
 
You would want to contact Shopify to confirm that port 8443 is not intended for public use. When these scan results become necessary for your account you will want to send that statement to [EMAIL] to have a false positive added for that vulnerability.
 

Shay
Shopify Staff (Retired)

Hi @MMarquardt 

 

I can definitely help with that. I can confirm those cookies are not related to session management and are unrelated to the security of cardholder data. You can report that this is a false positive for their scans.

 

You can supply your vendor requesting this information with Shopify's PCI Compliance scan which can be found here: Review and access Shopify compliance reports.

Shay | Social Care @ Shopify 

MMarquardt
Visitor

Thanks so much for the quick response, we will send this as an answer and let you know if there are more questions.