Join us for SoftSummit 2023. The 20th anniversary of the industry leading software monetization conference. April 18 and 20. Register Now

Showing results for 
Show  only  | Search instead for 
Did you mean: 
Level 2

Hardening flexnet operations

Hi community

Our customers scanning tool is picking up the Apache server httpd.conf file and flagging the following issues:

HTTP OPTIONS Method Enabled

TLS Server Supports TLS version 1.1

TLS/SSL Server Is Using Commonly Used Prime Numbers

TLS/SSL Server Supports The Use of Static Key Ciphers

When you edit httpd.conf and restart the services it just writes over it. We identified a Revenera Knowledge Article that shows why it gets overwritten and how to combat this.

We tried the method mentioned in the article linked (using httpConfExtra.conf) and it works for setting extra configuration parameters, adding a custom header for example.

However, since the extra configuration is included at the very top of httpd.conf, anything you do can be overridden by directives in httpd.conf. Eg the SSLProtocol directive that sets allowed protocol versions is used later in httpd.conf and overwrites anything you set in httpConfExtra.conf.

So it appears that this is not a possible workaround for the customers problem in this case. Is there another method to correct these issues?


Labels (1)
0 Kudos
1 Reply
Revenera Moderator Revenera Moderator
Revenera Moderator

Hi @CraigEl do you want to Disable HTTP Options? then we had the same request from one other customer and the discussion is here

check and let me know I this helps. 

Best Regards,

0 Kudos