Php 5.4

Hi, I have an issue with my store v3.0.6 I use PayPal to accept payments and as part of the process we have to have PCI vulnerability scans via Trust Wave, for the past 2 months our site has failed its test due to being on script version 5.3, our host has tried to upgrade to V5.4 but it failed due to the V3.0.6 script not being compatible.

Is there a way around this other than upgrading to V4.x as we have quite a few addons that were purchased for v3.0.6.




I have monthly Trust Wave scans without failures.It's been over a year of scans. I have 2.2.4 pro using PHP 5.3.

I only use off site payment processing: PayPal Express and Standard, Amazon and cre-secure. Not sure if scans are different if you don't collect or store cc inf on site, but the PHP script is the same. I don't think that just because you are on PHP 5.3 that the can fails. Could be something else.


My PayPal rep insists I don't have to have scans any more. You might want to check with your PayPal rep to see if this is even necessary. He said they have new technology that is similar to Stripe payments, which takes the merchant out of scope for PCI.

I think I need to be PCI compliant due to taking card payments directly on my site, as I subscribe to PayPal Payments Pro, I may have to look into not taking and storing card details on my site and looking at what other options paypal have available.

I'm actually considering moving away from cscart as I have other websites and need an epos with one of them but no one will touch it as they class cscart as a moving target…