How to set up an e-commerce website?

[Howso]

Hello to everyone, I am a new user.

I have some questions: I need to set up an e-commerce website, in order to sell the goods in my little shop on the net as well, and I really need a high grade of security. I have to set it up alone, therefore I need some advice. Which site manager can I use?

Thank you.

 

[ShelLuser]

I need to set up an e-commerce website, in order to sell the goods in my little shop on the Net as well, and I really need a high grade of security.

Security starts by gaining an understanding of how the things you use actually work. So when we're talking an interactive website of sorts I'd imagine Apache (webserver), MySQL or PostgreSQL (database servers) and a language used to actually program some web-related aspects, one of the more popular being PHP.

So that's where I'd start. Install Apache and look into how you set up your own website. Then look into a SQL server and check up on how to set up your database(s). And so on.

The reason why my suggestion would be to do it like this is obviously security: why rely on third party programs if you can easily set things up yourself? It's really not that hard. But also because a project like that most likely doesn't stop by configuring an environment. Most likely you'll reach a point where you'd need to fine tune your setup (for example tuning Apache so that it can better handle any possible higher demands).

And if you reach those stages you're much better off if you already have some basic understanding of these programs.

As mentioned earlier; it really isn't as hard as it might look. To set up an extra website in Apache all you'd basically need to do is enable the inclusion of /usr/local/etc/apache22/extra/httpd-vhosts.conf, and then simply changing that file so that you'll end up with website definition which suits your needs.

 

[Savagedlight]

I would strongly discourage setting up your own e-commerce site, especially if you are not proficient within strongly related topics already. You'll be dealing with customers' personal data, payment information, etc. It'll be a PITA to secure the aforementioned data, more of a PITA to implement routines which would detect intrusions/leakage of data, and even more of a PITA to comply with legislation. You're responsible for that data.

You're certainly better off using some already existing solution, such as those provided by PayPal. Some popular web hosts also provide e-commerce solutions.

 

[NewGuy]

Where security is a concern I would seriously consider hiring someone to do it for you. Much better to pay out a little money up front than to have credit card information stolen from your site.

 

[throAU]

New guy you are right. If the security is concern then hiring someone is better then doing itself.

Depends who you hire.

 

[gkontos]

Regardless of the CMS that will drive your e-shop, you should use www/mod_security as an extra layer of security. Of course this requires tuning also.