mod_ssl 2.8.xx and PCI

The Mod_ssl 2.8.x issue which is affecting your PCI compliance is a false positive as far as our servers are concerned. We run Apache 2.2.x on our servers which has inbuilt mod_ssl support and the version of mod_ssl is same as what we have for Apache due to this.

The mod_ssl official site is http://www.modssl.org/ and you can see that there is no mod_ssl version available for Apache 2.x or 2.2.x at this time. The mod_ssl 2.8.xx versions are all available for a much older version of Apache (i.e 1.3.xx). You need to file in a false positive report for this issue with your PCI scanning company for this issue.

Was this answer helpful?

 Print this Article

Also Read

How can I prevent hacking?

1. The most important thing to do is keep your passwords a secret. If you must give a password to...

How to handle the Google Attack Page?

When you see the dreaded Google attack site warning, you should immediately submit a...

Cpanel Protects From Hackers

Hello, You must keep CMS up to date. Once this happens the attacks will stop or come to a...

What is INODES limit?

An inode is basically a file - so say you had 1,000 images, that'd be 1,000 inodes. Every file (a...

CPU resource usage

SHARED SERVERS Overline India allows a maximum of 25% CPU usage limit. You may exceed this limit...