How to make a secure e-commerce website?

[dezkit]

Hey guys I had created a while ago a script for my friend where you can buy points and then redeem stuff with those points, i'm looking for ways to keep my site secure: currently what i have done-

 

- protected all mysql queries with mysql_real_escape_string, strip_tags, and addslashes

- have a valid SSL certificate on my website

- checked if emails are valid for account creation

 

what else can I do? Thank you.

[dezkit]

should i also put strip_tags to all user submitted inputs to prevent xss injection?

 

[sKunKbad]

You should also be validating all form input during account creation, the checkout process, or anytime a form is submitted. For instance, for a field that is supposed to be completely alpha characters, you should be checking that there aren't numbers, punctuation, etc.

[theITvideos]

Hey guys I had created a while ago a script for my friend ....

 

- have a valid SSL certificate on my website

 

....

 

Hi dezkit,

 

You mentioned you have a valid SSL on your website.

 

I have 2 questions:

 

[*]Which company is the best for SSL certificate.

 

[*]And once we get the SSL certificate, how do we install it on our specific pages.

 

 

 

Kindly reply dezkit.  Thanks!