similar to: CentOS 7 update to apache configs

I read this on the RHN commentary respecting cve-2014-3566: https://securityblog.redhat.com/2014/10/15/poodle-a-ssl3-vulnerability-cve-2014-3566/: . . . The first aspect of POODLE, the SSL 3.0 protocol vulnerability, has already been fixed through iterative protocol improvements, leading to the current TLS version, 1.2. It is simply not possible to address this in the context of the SSL 3.0

Hi, Some time ago one of my public servers (running Slackware64 14.0) got attacked and was misused to send phishing emails. This misadventure made me more concerned about security, so I spent the last few weeks catching up on security, reading docs about SELinux and how to use it, etc. I have a public sandbox server running CentOS 7, and I'm currently experimenting quite a lot with Apache

How about something like: <Location /perl-status> # disallow public access Order Deny, Allow Deny from all Allow from 127.0.0.1 SetHandler perl-script PerlResponseHandler Apache2::Status </Location> 2015-08-11 14:46 GMT+03:00 Proxy One <proxy-one at mail.ru>: > Hello, > > I've failed latest PCI scan because of

[Mod: header changed -- alex] ###### ## ## ###### ## ### ## ## ###### ## # ## ## ## ## ### ## ###### . ## ## . ######. Secure Networks Inc. Security Advisory

Hello, I've failed latest PCI scan because of CVE-2009-0796. Centos 6.7. The Red Hat Security Response Team has rated this issue as having moderate security impact and bug as wontfix. Explanation: The vulnerability affects non default configuration of Apache HTTP web server, i.e cases, when access to Apache::Status and Apache2::Status resources is explicitly allowed via <Location

Hi list, I'm configuring apache with https and I've a question about sslv3 deactivation. Running "openssl ciphers -v" I get a list of cypher suite of openssl like: ECDH-RSA-AES128-GCM-SHA256 TLSv1.2 Kx=ECDH/RSA Au=ECDH Enc=AESGCM(128) Mac=AEAD ......... Each lines report relative protocol. Disabling sslv3 with "SSLProtocol all -SSLv3" I can use cypher like:

I see "MANY" of these ::1 - - [13/Oct/2020:10:46:08 -0500] "OPTIONS * HTTP/1.0" 200 - "-" "Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 (internal dummy connection)" in the log file. This is not me connecting as ::1 is localhost. What is this - how might I stop it ? Thanks Jerry

On 05/22/2015 04:37 AM, Vijendra Agarwal (vijagarw) wrote: > Hi All, > Currently my system is using httpd 2.2.27. As there were many Vulnerability fixes released under 2.2.29, I would like to upgrade the Apache httpd. > My system is having CentOS 6.5. > > I checked on CentOS Repos using yum but could not find the latest httpd rpm from there. So I am building the httpd rpm from the

Thanks all for the response to my problem. Outside interrupts made me set aside the project temporarily. Reading your input (one email of which was rejected by our email engine for reasons unknown) the thinking seems to be that Apache can''t resolve its virtual hostnames. I had not originally installed the dnsmasq module, so did that. However, there was no difference in performance. I

Hello all, I love CentOS, but I am seriously regretting selecting Centos 4.4 for my production hosting servers. The current situation with CentOS 4.4 and being stuck at Apache 2.0.52 is a huge problem because of the new requirements for the Credit Card industry PCI scan. Apache 2.0.52 does not pass PCI compliance scans. which means no ecommerce on any of these servers - MAJOR ISSUE. So my

Anyone have any idea how soon RHEL and CentOS will be releasing the patch package? Excerpt: Computerworld - Developers of the Apache open-source project today warned users of the popular Web server software that a denial-of-service (DoS) tool is circulating that exploits a bug in the program. The tool, called "Apache Killer," showed up last Friday in a post to the "Full

Hi All, Currently my system is using httpd 2.2.27. As there were many Vulnerability fixes released under 2.2.29, I would like to upgrade the Apache httpd. My system is having CentOS 6.5. I checked on CentOS Repos using yum but could not find the latest httpd rpm from there. So I am building the httpd rpm from the source tar ball downloaded from apache site. I am able to build the rpm successfully

I have read the info on apache 2.4... I added to the bottom of httpd.conf these lines (and restarted httpd) ------------------------- <Directory /var/www/html> # old 2.2 config # Order Allow,Deny # Allow from all AllowOverride None Require all granted </Directory> <Directory /home/silentm/public_html/gifs> AllowOverride None Require all granted </Directory>

Is this line needed in /etc/exports for anything other and printing (I presume) /var/spool/lpd *(rw) I scan reported this: Vulnerability Details Date: Sun 11 Jan 2009 21:26:56 MET Vuln#: 100103 Vulnerability: successfully mounted /var/spool/lpd ToDo: *_/Restrict nfs export to dedicated hosts or netgroups/_* CertRef: M478100 Tool Reference: ISS 79 Comment: Counted in: Monitor: End of

On Oct 11, 2019, at 12:12 PM, Jerry Geis <jerry.geis at gmail.com> wrote: > > is there a script that is available that can be ran to bring > a box up to current "accepted" levels ? I don?t know why you?d use a script for this at all. Just ship a new HTTPS configuration to each server. Apache loads all *.conf files in its configuration directory, so you might be able to

Hi All - I am running CentOS 7.5 and trying to use certbot. I am getting an error 403 forbidden on the /.well-known/acme-challenge/-CG_gSckofY5ln7TdMvoanDI1_FBRh8otQkyB0hxmoo Some searching indicated permission problems... I also noticed that the /var/www/html directory does not even have the .well-known directory in it. The /var/www/html directory was root:root I changed it to root:apache

Is there a limit to the size of the form that apache will accept? I have a small import utility (not php - just straight cgi and C program). It will import smaller files. 350 Meg is the largest I successfully did. But a 6.5G file it will not do. Seems like the form does even submit. Is there a config option in apache that doesnt even accept it? I looked at /var/log/httpd/ error and access and

Fun fact... If I echo my data to the same directory as the script is located in it works. But it does not allow writing to /tmp I'm good with that. Thanks, Jerry On Fri, Jan 20, 2017 at 9:54 AM, Jerry Geis <jerry.geis at gmail.com> wrote: > Hi - Thanks for the reply. > > I actually have selinux disabled on this box. > > Jerry > >

Hello, Darren: I read your post on the newsgroup: <http://lists.samba.org/archive/samba/2003-September/073808.html> I read your post when I was having trouble configuring my apache server to work with ldap. After reading your post, I installed the openldap library on my solaris 8 machine. I have a question, when you install the library, and configure the apache server with the following

Hi I'm using CentOS 3, and it's fully patched using yum. Apache reports version 2.0.46 (CentOS) A colleague ran a copy of Nikto, a scripted vuln. finder, against my server, and reported the following problems. The only one I've tested is the directory traversal, and it seems to be an issue. Will the upstream vendor patch these issues in Apache 2.0.46, or not? If not, does anyone know