Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 12 replies
  • Subscribers 1 subscriber
  • Views 9032 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

website Vulnerability report

mcnjr
I recently moved from TMG to sophos UTM and I have published several websites through the firewall. My company gets scans PCI compliance and we just failed our most recent scan because The HTTP TRACE and/or TRACK methods are enabled on this web server. I can't find for the life of me, a place to block this on the sophos UTM. Any help would be appreciated.


This thread was automatically locked due to age.
Parents
  • 0
    it depends.  You say published through the utm.  are you using webserver protection of the utm or simply forwarding the traffic to your webservers?

    if the first then you have a misconfiguration.  if the second the issue it on your servers not the utm.  You need to secure the webserver itself..that is not something the utm can do in the second scenario.
Reply
  • 0
    it depends.  You say published through the utm.  are you using webserver protection of the utm or simply forwarding the traffic to your webservers?

    if the first then you have a misconfiguration.  if the second the issue it on your servers not the utm.  You need to secure the webserver itself..that is not something the utm can do in the second scenario.
Children
No Data