Suggestions: EasyApache #18

Jamyn · 2013-05-17T17:56:20Z

Just documenting suggestions submitted by others so we don't lose them.

ERROR: Tomcat is installed (current version is EOL, runs as shared user)
ERROR: Mono is installed (current version is EOL, runs as shared user?)
WARN: Mod_security not installed (warning since the hosting provider
may have a separate WAF)
ERROR: Any caching PHP extensions installed (allow various kinds of
cache poisoning to take over other sites depending on the configuration.)
ERROR: PHP4 installed on the system (EOL, numerous CVEs)
ERROR: PHP 5.[012] installed on the system (EOL, numerous CVEs)
ERROR: PHP 5.3 or 5.4 installed on the system with any version other
than the latest.

DONE - ERROR: Apache 1 installed (EOL, CVEs)
DONE - ERROR: Apache 2.0 installed (Near EOL, upstream support is spotty)

Jamyn · 2013-05-17T18:01:22Z

Apache Global options to be more PCI ready

Check for any mod_sec rules (anything at all just make sure it's not empty)

Recommend apache 2.2/2.4

bdraco · 2013-05-17T20:30:56Z

note: mod_security is not compat with mod_ruid2 so don't warn if mod_ruid2 is active

Jamyn · 2013-08-22T15:14:12Z

Re: mod_security and mod_ruid2 incompatibility - we should hold off on any changes until internal case 75905 is resolved.

Jamyn mentioned this issue Aug 29, 2013

Issue 18: Suggestions: EasyApache - Detect Apache EOL versions #61

Merged

Provide feedback