The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

PCI Compliance Issue

Discussion in 'General Discussion' started by KrystalS, May 14, 2008.

  1. KrystalS

    KrystalS Active Member

    Joined:
    Mar 15, 2004
    Messages:
    37
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    UK
    Hello,

    We've been trying to get a number of servers PCI compliant, and have managed to fix everything except for one error ( it appears twice once on port 443 and once on port 80 ).

    I have tried using every version of Apache that EasyApache offers, but always get the same error.

    Has anyone else found a fix for this ?

     
  2. nickp666

    nickp666 Well-Known Member

    Joined:
    Jan 28, 2005
    Messages:
    770
    Likes Received:
    2
    Trophy Points:
    18
    Location:
    /dev/null
    That looks like there are vulnerable scripts on the site you are checking oposed to the apache configuration, I would check over the site you are testing before changing anything else
     
  3. tkerns

    tkerns Active Member

    Joined:
    Jun 13, 2007
    Messages:
    33
    Likes Received:
    0
    Trophy Points:
    6
    Depending on the pci scanning company you use, many will tell you exactly what page/form they discovered the cross site scripting vulnerability in.
     
  4. bls24

    bls24 Well-Known Member

    Joined:
    May 12, 2007
    Messages:
    78
    Likes Received:
    0
    Trophy Points:
    6
    Does your PCI tester also suggest an Apache upgrade to Apache2, citing 1.3x unstable? (Mine did)

    And yet the management company I previously use states Apache2 isn't stable with cpanel just yet (is there any truth to this or just paranoia)?
    I'm going to guess it's just paranoia.. as it looks as though cpanel.net is on 2.0.63 ...

    Nevertheless, I'm curious as to why my PCI test claims so many holes in 1.3.41 due to mostly OpenSSL and such.
     
  5. nickp666

    nickp666 Well-Known Member

    Joined:
    Jan 28, 2005
    Messages:
    770
    Likes Received:
    2
    Trophy Points:
    18
    Location:
    /dev/null
    Pure BS, apache 2 support in cPanel is stable, has been for a long time
     
Loading...

Share This Page