A default install of MySQL has anonymous users and root users with access via ‘%’ (all outside hosts) and a generally useless ‘test’ database.
Continue reading MySQL/Security – Cleaning up post-install
Tag: security
Apache/Security – Hide Apache Version Number
Sometimes, you may like a bit of security-through-obscurity. Some PCI providers even require this.
Continue reading Apache/Security – Hide Apache Version Number
Apache/PCI – Disable Weak Cipher and older TLS Support
PCI compliance tests require you to disable weak ciphers and older TLS support.
Continue reading Apache/PCI – Disable Weak Cipher and older TLS Support
Apache/PCI – Disable TRACE Method
Some PCI tests require that you disable the Apache TRACE method as this can reveal sensitive information about the server.
Continue reading Apache/PCI – Disable TRACE Method