To remove this vulnerability,
Modify oprocmgr.conf from
<VirtualHost _default_:8100>
<IfDefine SSL>
SSLEngine off
</IfDefine>
Port 8100
<Location />
Order Deny,Allow
Allow from all
To,
<VirtualHost _default_:8100>
<IfDefine SSL>
SSLEngine off
</IfDefine>
Port 8100
<Location />
Order Deny,Allow
Deny from all
You need to modify only "Allow from all" to "Deny from all" rest everything will remain the same.
Comments