Update Apache 2.4.28 or later after website failed penetration test
One of our clients recently undertook a penetration test on their site in accordance with their ISO application. It was highly recommended that Apache was upgraded to version 2.4.28 or later as Apache 2.4.10 was reported to have multiple vulnerabilities.
Most large UK based companies will undergo a similar ISO application so this should really be completed.
Jason Caldwell commented
+1 This should have been done already. Folks using Cloudways are vulnerable.
We are also having the same issue & I can’t believe we are having this issue - the whole point of ‘managed’ hosting is this should be done for us behind the scenes & should never have been an issue
Any reply from cloudways ?