We're trying to achieve PCI compliance here but it appears our audit service doesn't like our Apache version 2.2.3, they say it is prone to cross-site scripting attack and that we should upgrade Apache. We checked out and there's no Apache 2.2.14 on the available repos, so we'll probably install from a fedora RPM or build it ourselves (or hire someone from the server farm to do it).
The question is, on upgrading apache, can we break virtualmin or it uses another apache installation for itself? We just don't want to upgrade the webserver and somehow loose our beloved control panel.
I have some remembrance of virtualmin being somewhat selfcontained and thus not affected by such updates but I thought I should ask.
Thanks in advance for any help, this product is a life and sanity saver for us.
Om Shanti andre