Hello Community, I am attempting to update Apache from version 2.2.21 on my Windows 2008 R2 Enterprise Server in order to mitigate the FREAK vulnerability. I am new to this project (no overlap with the previous developers) and also new to Apache on Windows. I have already mitigated other vulnerabilities by disabling SSLv2 and SSLv3. I now need to enable TLS 1.2 which, from what I understand, requires running at least Apache 2.2.24 or higher. Basically, I want to be sure I am selecting the correct download. I connected to http://olex.openlogic.com/packages/apache/2.2.24#package_detail_tabs and downloaded Apache HTTP Server 2.2.25Windows (openssl) Windows IA32 Binary. Does anyone have experience/professional opinion about that site/download in regard to what I need to accomplish? Thanks… Cathy Fauntleroy, Security+ Van Dyke Technology Group Email: cathy.fauntleroy@xxxxxxxx Office: (443) 832-4768 |
|