Apache2 – How to pass PCI-DSS compliance scan/test on Apache in 2013

Apache 2.2 up to 2.4 need special configuration to be able to pass a PCI-DSS scan. Below is what you need in 2013 to pass a basic PCI-DSS scan on your webserver. Obviously a properly configured SSL certificate helps too. You also need to configure variables in conf.d/security if you are using Debian or Ubuntu.



Published on: 31 May 2013
Posted by: Sami K.