PCI Compliant in 1 Week

Dedicated AWS application hosting packages providing full PCI Compliance, Security, Stability and a Site Speed Improvement of 80% in less than 1 week.

Over the past few years Gravytrain has created a series of new application hosting packages using top of the range technology to provide security, stability and flexibility. Furthermore, our application hosting packages come with PCI Compliance testing to ensure our clients’ websites comply with PCI regulations and provide excellent user experience.

The Brief

Protein Empire needed expert advice, advanced technical knowledge and a fast turnaround to improve their application hosting services and ensure their Magento site was PCI Compliant. As Gravytrain provides Amazon Web Services (AWS) application hosting packages and has the ability to run rigorous PCI Compliance tests in-house, we were able to help Protein Empire protect both their website and their business – fast.

The Goals

PCI Compliance is becoming increasingly important for ecommerce websites as legal requirements from banks are meticulous and exact. Protein Empire had previously struggled to make changes to their application hosting platform that were required after the introduction of new PCI Compliance laws.

Gravytrain was asked to resolve these issues as quickly as possible and provide expert advice that would protect their business in the future. When Protein Empire approached Gravytrain their main aims were:

  • Ensure the Protein Empire website is fully PCI Compliant in terms of both front and back end.
  • Increase site speed which was causing page load and user experience issues.
  • Make alterations to the Magento platform to ensure PCI Compliance and best practice web development.

Our Approach

Time was a huge factor when it came to Protein Empire’s website, which is why they needed specialists who had years of experience when it came to both Magento and application hosting. As Gravytrain has our own team of Amazon Web Server (AWS) specialists and a healthy relationship with the AWS Account Manager team, we were able to deploy the application seamlessly.

As soon as the site was migrated to a more secure and robust application hosting platform we were then able to take on the PCI Compliance issues. By working with Qualys, a PCI Approved Scanning Vendor (ASV), we were able to perform robust tests on the Protein Empire website and amend any issues on both the server and the Magento platform.


When it comes to application hosting Gravytrain believes that AWS provides an ideal solution as it ensures security, scalability and flexibility. The new application hosting platform in this instance includes:

  • 2x Web servers powered by Nginx
  • 2x PHP 7 servers
  • 2x Database servers running Amazon Aurora
  • 2x Cache Servers powered by Amazon Elasticache & Reddis
  • File Storage with fail-over redundancy
  • Intrusion detection and prevention via TrendMicro.
  • PCI Compliant Setup

Even though the application hosting platforms come with preliminary PCI Compliance scans, Gravytrain used Qualys’ expertise to ensure that the Protein Empire website adhered to all PCI regulations. Web App Scans provided detailed reports on various aspects of the web application including firewalls, servers and more.

Furthermore, Gravytrain now runs these scans on the Protein Empire website every two weeks even though the standard time frame for these tests is every three months. This ensures we are always keeping on top on vulnerabilities almost as soon as they come out.

The Results

In just 1 week Gravytrain had not only made the Protein Empire website fully PCI Compliant but also delivered a robust application hosting package that ensured site security and stability at all times.

The new system uses the most advanced application hosting technology, with redundancy across 2 Amazon Web Services zones and the ability to load balance across servers to ensure peak performance of the Protein Empire website.

In terms of site speed, we delivered:

  • Homepage load time improving from 6.99 seconds to 1.98 seconds (71.67%)
  • Server response improving from 750 milliseconds 150 milliseconds (80%)

On top of this, from moving to a new application hosting package, Protein Empire saw their conversion rate increase by approximately 2% – a 30-40% increase from 2-3% to 4-5%.

Protein Empire were so happy with Gravytrain’s services that they also took out a dedicated Magento support contract including time dedicated to critical issues as well as general support. This, along with our ongoing and rigorous PCI Compliance testing, ensures that the Protein Empire website remains in line with regulations and is optimal for customers at all times.

Let’s Talk

Gravytrain were easy to talk to and got my site up and running on their PCI Compliant server within a week.

I have saved both time and money using Gravytrain and I would highly recommend their team. Professional, friendly and always there when needed.

- William Evans, CEO Protein Empire

Let's Talk

This field is required!
Invalid Email!
This field is required!
This field is required!
This field is required.