Why is Apache Vulnerable by Default?
Tim Cotten
362

Tim,
Many thanks for your post.
In general, how do you deal with false alerts from the Trustwave audit?

In addition to their false alerts (many of them they don’t want to close even after dispute), it seems just inconsistent — two webservers this the same config, different scan results.

Thank you,

Vitaly