Instead of re-hashing the same things the first 2 posters already said, i'll offer an alternative:
Why don't you run your own wallet on your server and use it to create new deposit addresses and manage payments?
There are 2 good alternatives:
1) Run bitcoind, lock your wallet, use json-rpc queries to make new addresses, use the callback function (walletnotify=path_to_script %s) to detect incoming transactions
2) OR, run electrum as a daemon
http://docs.electrum.org/en/latest/merchant.htmlPersonally, i'd prefer the first option (bitcoind), but electrum gives you the possibility to create a watch-only wallet by importing an xpub instead of generating a "real" wallet with an xprv. Since the online machine never touched the seed or the xprv, the worst a hacker can do is steal your xpub and find out which deposit addresses were generated by your store.