IBM i Apache Security Fixes for PCI Compliance
A few months after we published the article Apache for IBM i: Where to Find Documentation, astute reader Paul Nicolay of Cegeka shared yet another hard-to-find Apache resource with us.
Paul recommends IBM Support’s IBM HTTP Server for i PCI Compliance page for organizations following the stringent PCI DSS security standard for accepting card payments. In addition to confirming that Apache on IBM i is a PCI-compliant web server, the page lists the IBM i PTFs required to fix known vulnerabilities.
According to Paul, the compliance page can help demonstrate to auditors that Apache on IBM i, patched appropriately with PTFs, has all necessary PCI security patches. This may not be obvious at first glance, because IBM i provides patches between Apache releases, similar to the practice of some major Linux vendors.
Thanks to Paul for sharing the IBM HTTP Server for i PCI Compliance page with us and the rest of the IBM i community!
Leave a Reply
Want to join the discussion?Feel free to contribute!