httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Cathy Fauntleroy" <cathy.fauntle...@vdtg.com>
Subject [users@httpd] Updating Apache to Mitigate FREAK
Date Thu, 12 Mar 2015 13:13:45 GMT
Hello Community,

 

I am attempting to update Apache from version 2.2.21 on my Windows 2008 R2
Enterprise Server in order to mitigate the FREAK vulnerability.  I am new to
this project (no overlap with the previous developers) and also new to
Apache on Windows.

 

I have already mitigated other vulnerabilities by disabling SSLv2 and SSLv3.
I now need to enable TLS 1.2 which, from what I understand, requires running
at least Apache 2.2.24 or higher.

 

Basically, I want to be sure I am selecting the correct download.  I
connected to
http://olex.openlogic.com/packages/apache/2.2.24#package_detail_tabs and
downloaded Apache HTTP Server 2.2.25Windows (openssl) Windows IA32 Binary.
Does anyone have experience/professional opinion about that site/download in
regard to what I need to accomplish?

 

Thanks.



Cathy Fauntleroy, Security+

Van Dyke Technology Group

Email:  cathy.fauntleroy@vdtg.com <mailto:cathy.fauntleroy@vdtg.com> 

Office:  (443) 832-4768

 


Mime
View raw message