I thought “nat traversal” was going to be enabled. I swear it came up a few months ago.
Port-forwarding hurts because my PCI compliance auditor hates seeing the port open, especially with a bad cert.
If you’re running this on the same network as systems required to be PCI compliant, I cringe quite a bit. Sorj needs to be isolated away from PCI compliant systems. You’re putting your customers’ purchase data and PII at risk.
1 Like
It isn’t. Don’t worry.
My PII is in a vendor’s DB, my only access to it is in a HIPAA/HITRUST way, through sandboxed instances in a SCIF-like environment.