Articles
Disabling keep-alive via the "KeepAlive Off" CVE-2015-3183
Disabling keep-alive (via the "KeepAlive Off" configuration setting, which is used in the default...
HTTP Header Injection
HTTP Header Injection vulnerabilities occur when user input is insecurely included within server...
Insecure configuration of Cookie attributes
Below error may be provided by the PCI scan team: Insecure configuration of Cookie attributes....
SSL Proxy Engine with PCI
Enable ProxyPass rule using pci compliance: SSLProxyEngine onSSLProxyVerify...
Secure cookie with HttpOnly and Secure flag in Apache
Do you know you can mitigate most common XSS attacks using HttpOnly and Secure flag with your...
