addon_securityadvisor
addon_securityadvisor copied to clipboard
Suggestions: EasyApache
Just documenting suggestions submitted by others so we don't lose them.
- ERROR: Tomcat is installed (current version is EOL, runs as shared user)
- ERROR: Mono is installed (current version is EOL, runs as shared user?)
- WARN: Mod_security not installed (warning since the hosting provider may have a separate WAF)
- ERROR: Any caching PHP extensions installed (allow various kinds of cache poisoning to take over other sites depending on the configuration.)
- ERROR: PHP4 installed on the system (EOL, numerous CVEs)
- ERROR: PHP 5.[012] installed on the system (EOL, numerous CVEs)
- ERROR: PHP 5.3 or 5.4 installed on the system with any version other than the latest.
DONE - ERROR: Apache 1 installed (EOL, CVEs) DONE - ERROR: Apache 2.0 installed (Near EOL, upstream support is spotty)
- ERROR: Apache 2.2/2.4 is installed other than the latest version