GFI LanGuard's integrated Apache HTTP server is reported being outdated or having security vulnerabilities.
This article provides information on the GFI LanGuard integrated Apache server's purpose and updating.
Vulnerabilities are discovered from time to time in the Apache server software by security reporting agencies. LanGuard or other security scanners such as Nessus will sometimes return a message that vulnerabilities exist within the system. This usually happens when the LanGuard Apache web server is not updated to the latest version.
Apache Server is used within the GFI LanGuard for its caching proxy features (Relay Agents) and for its Fast CGI feature when communicating scan results between the server and the agents.
New versions of the Apache server may be released midstream of the current release of the LanGuard product. When this occurs, the GFI Development investigates and tests the new version of the server to make sure it does not negatively affect GFI LanGuard capabilities and functionality.
The GFI Development Team tests and upgrades the integrated Apache server version during each release, which happens normally every six months. As soon as the new server version is confirmed, it is immediately released. The update is done automatically via the Program Updates module.
Between releases, some elements of the Apache server may be outdated which reflects on certain vulnerabilities. Our version of Apache does not use all the modules within Apache (such as SSL), therefore some reported Apache vulnerabilities may not apply to our version.
Note: GFI LanGuard integrated Apache server is upgraded only by our Development Team after thorough testing. If you try to manually update the Apache version, that will break LanGuard.