On Thu, 22 Jul 2004, Maniel Sotomayor wrote:
> I'm writing because at our site we've been hacked by someone
> through an Apache vulnerability. We didn't verified the Apache version
> that was installed by default on our lcfgng server (RH 7.3).
> Did someone has upgraded this Apache's version (1.3) to version
> 2 without any compatibility issues?
As the only thing that apache does on LCFGng server is serving xml files
for download and running the install.cgi script, the transition should
be non-problematic.
However, upgrading PHP and not having unused modules loaded in apache (i.e
mod_proxy for example :) ) should keep you reasonably safe too.
--
Jiri Kosina
Institute of Physics, Academy of sciences of the Czech Republic
|