Question

Digital Ocean PCI DSS Server Compliance

Hey,

I’ve scanned resources regarding this within the DO community, but what level of PCI compliance are the DO servers if any?

I’m currently running a magento store and planning on letting users enter card information on site but process the transaction with 3rd party such as sage or stripe.

Has anyone tackled this before?

Thanks


Submit an answer

This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

Sign In or Sign Up to Answer

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

I roughly followed this guide: http://bodhizazen.net/Tutorials/SSH_security

the droplet passed the PCI Compliance scanner on the first try. In years past (when I was using other hosting) there would always be something that needed fixing or updated, so it was nice to have it pass on the first go.

Moderator update (2021): Our certifications are now available via our Trust Platform at https://www.digitalocean.com/trust/certification-reports/


You can find information on our certifications/compliance for each datacenter here.

Much of PCI-DSS compliance depends on the configuration of your droplet and the services you run on it. We do not provide a hardened image by default but you receive full root access to configure your droplets as you require.

Hello there,

You can see the certificates and we recently changed this page so you can download the certificates you’d need here:

https://www.digitalocean.com/trust/certification-reports

Hope this helps!