Some key security measures, such as using TLS encryption (https://) are taken for granted. Others are often missed until they are flagged by a security scan. Here are two easy changes that have helped some of our clients reduce perceived vulnerabilities. These changes, typically made in the Apache web server’s httpd.conf files, may stop unnecessary exposure of web server information, as well as satisfying security scanners. Disable trace and track Security scanners may flag the TRACE and TRACK HTTP methods as insecure. Documentation for the Apache web server states: “…enabling the TRACE method does not expose any security vulnerability in...
The post Easy Security Improvements for Apache Websites appeared first on Seiden Group.
