Skip to content

I suggest you ...

← Product Improvements: Flexible

Update Apache 2.4.28 or later after website failed penetration test

One of our clients recently undertook a penetration test on their site in accordance with their ISO application. It was highly recommended that Apache was upgraded to version 2.4.28 or later as Apache 2.4.10 was reported to have multiple vulnerabilities.

Most large UK based companies will undergo a similar ISO application so this should really be completed.

Thanks!

7 votes

We're glad you're here

Please sign in to leave feedback
Signed in as (Sign out)
Close
Close

We’ll send you updates on this idea

Nick Bird shared this idea  ·   ·  Report…  ·  Admin →
How important is this to you?

We're glad you're here

Please sign in to leave feedback
Signed in as (Sign out)
Close
Close

We're glad you're here

Please sign in to leave feedback
Signed in as (Sign out)
Close
Close
Submitting...
An error occurred while saving the comment
  • B. Loewe commented  ·   ·  Report

    Seconding this, our PCI compliance requires to upgrade to Apache version 2.4.61 or later. Not doing so may require us finding a new host.

  • Jason Caldwell commented  ·   ·  Report

    +1 This should have been done already. Folks using Cloudways are vulnerable.

  • Alex commented  ·   ·  Report

    We are also having the same issue & I can’t believe we are having this issue - the whole point of ‘managed’ hosting is this should be done for us behind the scenes & should never have been an issue

    Any reply from cloudways ?

Product Improvements: Flexible: Server Configuration Improvements

Categories