mod_ssl 2.8.xx and PCI

The Mod_ssl 2.8.x issue which is affecting your PCI compliance is a false positive as far as our servers are concerned. We run Apache 2.2.x on our servers which has inbuilt mod_ssl support and the version of mod_ssl is same as what we have for Apache due to this.

The mod_ssl official site is http://www.modssl.org/ and you can see that there is no mod_ssl version available for Apache 2.x or 2.2.x at this time. The mod_ssl 2.8.xx versions are all available for a much older version of Apache (i.e 1.3.xx). You need to file in a false positive report for this issue with your PCI scanning company for this issue.

Was this answer helpful?

 Print this Article

Also Read

Cpanel Protects From Hackers

Hello, You must keep CMS up to date. Once this happens the attacks will stop or come to a...

The Ultimate Guide to Fixing and Recovering Your Hacked Website

Having your website hacked is one of the worst feelings in the world. It can do major damage to...

How to handle the Google Attack Page?

When you see the dreaded Google attack site warning, you should immediately submit a...

How does a website infected by Google Attack?

As per our research following are the main reason to come Google Attack Page First, it knows the...

How can I make a stronger password?

Password Selection It is important to have a password that is easy to remember, but hard to...