cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
search
  • Global community
    • Language:
      • Deutsch
      • English
      • Español
      • Français
      • Português
  • 日本語コミュニティ
    Dedicated community for Japanese speakers
  • 한국 커뮤니티
    Dedicated community for Korean speakers
Exit
Locked
0
Upvote

Adobe Media Server changes

beastmankumc
Community Beginner ,
Jan 03, 2017 Jan 03, 2017

Copy link to clipboard

Copied

The following are proposed changes our server team are suggesting for our Adobe Media Server.  Before we make them, we're hoping to get so me feedback as to whether or not these changes might cause problems with the AMS.  Has anyone done anything like this with your AMS or can anyone foresee any complications from making these changes?

For Apache HTTPD 2.4.10

These vulnerabilities can be resolved by performing the following 3 steps. The total estimated time to perform all of these steps is 2

hours 30 minutes.

Fix Apache Server mod_info is Publicly Accessible

Estimated time: 15 minutes

The configuration file for apache (httpd.conf), reads:

     <Location /server-info>

     SetHandler server-info

     </Location>

To remove the feature from Apache, rewrite this to:

     # comment everything out

     #<Location /server-info>

     # SetHandler server-info

     #</Location>

To keep the feature, adding access control, rewrite it to:

     # add access control

     <Location/server-info>

     SetHandler server-info

     Order deny,allow

     Deny from all

     Allow from 127.0.0.1

     </Location>

Once these changes have been made, the Apache server needs to be restarted.

This will address the following issue: Apache Server mod_info is Publicly Accessible (http-apache-0008).

Upgrade to the latest version of Apache HTTPD

Estimated time: 2 hours

Download and apply the upgrade from: http://archive.apache.org/dist/httpd/httpd-2.4.24.tar.gz

The latest version of Apache HTTPD is 2.4.24.

Many platforms and distributions provide pre-built binary packages for Apache HTTP server. These pre-built packages are usually

customized and optimized for a particular distribution, therefore we recommend that you use the packages if they are available for your

operating system.

This will address the following issue: Apache HTTPD: HTTP_PROXY environment variable "httpoxy" mitigation (CVE-2016-5387)

(apache-httpd-cve-2016-5387).

Fix Apache Server mod_status is Publicly Accessible

Estimated time: 15 minutes

The configuration file for apache (httpd.conf), reads:

     <Location /server-status>

     SetHandler server-status

     </Location>

To remove the feature from Apache, rewrite this to:

     # comment everything out

     #<Location /server-status>

     # SetHandler server-status

     #</Location>

To keep the feature, adding access control, rewrite this to:

     # add access control

     <Location/server-status>

     SetHandler server-status

     Order deny,allow

     Deny from all

     Allow from 127.0.0.1

     </Location>

Once these changes have been made, the Apache server needs to be restarted.

This will address the following issue: Apache Server mod_status is Publicly Accessible (http-apache-0009).

Views

2.7K

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
replies 1 Reply 1
latest latest Jump to latest reply
hparmar Adobe Employee
Adobe Employee ,
Jan 09, 2017 Jan 09, 2017

Copy link to clipboard

Copied

LATEST

If you can get apache to launch with your updated apache webserver, We do not perceive any further with Adobe media server functioning.However note that to compile and get apache server to launch form within AMS may be tricky at times.

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Copyright © 2024 Adobe. All rights reserved.
Using the Community Experience League Terms of Use Privacy Cookie preferences Do not sell or share my personal information ad choicesAdChoices