Vulnerabilities on WCS server CentOS 7 with Ngix runing

Arif Butt

Member
Hi there

we have received few Vulnerabilities at customer site running WCS on CentOS with Ngix webserver as proxy, we appreciate if kindly assist on how to fix them

1728659822657.png


thnx
AB
 

Attachments

Max

Administrator
Staff member
Hello

What is the server port where TLSv1 in use?

WCS default secure ports
8444 HTTPS
8443 WSS (Websocket SSL)

Nginx secure ports
443 (?)

If you are using Nginx as a reverse proxy

Browser > [TLSv1] > Nginx 443 > [HTTP not encrypted] > WCS 8080

Then the TLSv1 issue is on Nginx end. To fix it, please upgrade Nginx to the latest available version or upgrade Centos 7 to latest Centos or Ubuntu 22, or Ubuntu 24.
 

Arif Butt

Member
Ngix is used as a reverse proxy, In this screen shot server name nginx is visible in response header, any other way to disable the header info?

1728919180395.png
 
Top