WCPOS Docs
WCPOS Docs
Docs
FAQ
Support
Introduction
Installation
Products
Cart
Checkout
Receipts
Orders
Customers
Coupons
Hotkeys
Reports
Stores
Settings
Admin
Support
Legacy Servers
Plugin Conflicts
POS Performance
Debugging
Security
Powered by GitBook

Security

It is your responsibility to ensure the security of your customer's information

WooCommerce POS allows payment using any installed WooCommerce gateway. If the payment gateway collects personal information it is up to you to ensure the security of your customer's information. Below are some tips for keeping your POS secure:

Use a SSL certificate

If you are running an online store you should have a security certificate for your website. This will ensure any form data you send, such as logins and credit card numbers, will be encrypted. If you are not using a security certificate any information you send over the internet can be intercepted and read, this might be someone sharing your network or it could be at any one of the dozens of nodes that connects your computer to your server. A basic security certificate costs as little at $US16 and takes less than a day to set up .. so there are no excuses for not having a security certificate.

Don't leave your POS unattended

Snooping over the internet is just one way your security can be compromised, but more often the real damage is done when a malicious user gets physical access to your device. This is particularly pertinent to store owners who often leave their computer or tablet in high traffic areas. Plan for the worst case scenario that someone steals your computer or device and minimise the risk by employing some security measures, such as:

  • Use a lock screen when your device is unattended for 5 or 10 minutes

  • Log out of WordPress and WooCommerce POS when you leave your device

  • Reset your passwords quickly in the event that your device is stolen

  • Remote wipe your device in the event it is stolen

Use the least number of plugins possible

One of the great things about WordPress is the 1,000's of plugins available at a click of a button ... but it's also one of the worst. Each time you install a plugin you are effectively granting that plugin access to your website and any data passing through it. I know it tempting to 'pimp' your store with every plugin under the sun, but quite often this will make your site slower and it may make your site insecure. Before you install any plugin you should ask yourself:

  1. Do you really need it?

  2. Do you trust the plugin author?

For more information on securing your WooCommerce store please read this great post on the WooThemes website.

Previous
Debugging
Last updated 4 months ago
Contents
Use a SSL certificate
Don't leave your POS unattended
Use the least number of plugins possible