Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

TrustWave (PCI) scan fail. Insecure WebDAV Auth.

Discussion in 'Security' started by rezman, Jan 4, 2012.

  1. rezman

    rezman Well-Known Member

    Joined:
    Feb 3, 2011
    Messages:
    45
    Likes Received:
    0
    Trophy Points:
    56
    Location:
    USA
    cPanel Access Level:
    Root Administrator
    A client's PCI scan keeps failing before WebDAV is accepting login/passwords over a non-secure port (2077). I disputed this with TrustWave as part of Cpanel WebDAV. They denied the dispute even though it has nothing do to with the SSL secure stuff on the website.

    So my question is how do I disable WebDAV port 2077 so their scans stop failing. I could just block this at the firewall but to me this seems like a band-aid. I would think MANY people would have this problem seeing as this is a default setting and enabled in Cpanel. I don't want to turn off WebDAV all together.

    The cPanel Web Disk Configuration is pretty limited. All it allows is the changing of the 'TLS/SSL Cipher List'. Mine is currently the default. "ALL:!ADH:+HIGH:+MEDIUM:-LOW:-SSLv2:-EXP"
     
  2. cPanelTristan

    cPanelTristan Quality Assurance Analyst
    Staff Member

    Joined:
    Oct 2, 2010
    Messages:
    7,609
    Likes Received:
    32
    Trophy Points:
    238
    Location:
    somewhere over the rainbow
    cPanel Access Level:
    Root Administrator
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. Serra

    Serra Well-Known Member

    Joined:
    Oct 27, 2005
    Messages:
    242
    Likes Received:
    15
    Trophy Points:
    168
    Location:
    Florida
    After blocking port 2077 I was able to pass my Trustwave PCI scan.
     
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice