• Dear Pleskians! The Plesk Forum will be undergoing scheduled maintenance on Monday, 7th of July, at 9:00 AM UTC. The expected maintenance window is 2 hours.
    Thank you in advance for your patience and understanding on the matter.

HTTP Authentication - PCI vulnerability scan

A

arctic_ged

Guest
Hi,

I just completed a PCI vulnerability scan, which found a security vulnerability listed below. Does anyone know how I can fix this.

TCP 80 http
Synopsis : The remote web server seems to transmit credentials in clear text. Description : The remote web server contains web pages that are protected by 'Basic' authentication over plain text. An attacker eavesdropping the traffic might obtain logins and passwords of valid users.

Solution: Make sure that HTTP authentication is transmitted over HTTPS. Risk Factor: Low / CVSS Base Score : 2.6 (CVSS2#AV:N/AC:H/Au:N/C:p/I:N/A:N)
 
Back
Top