Knowledge Base

CVE-2021-44224: Apache HTTP Server vulnerability

Situation

Vulnerability CVE-2021-44224 affects mod_proxy for Apache HTTP Server.

Impact

Plesk ships mod_proxy only for RedHat 7-based OSes:

CentOS 7 (64-bit)
CloudLinux 7 (64-bit)
Red Hat Enterprise Linux 7 (64-bit)
Virtuozzo Linux 7 (64-bit)

RedHat 7 is not affected by CVE-2021-44224.

Call to Action

For the servers with RedHat 7-based OSes - no additional actions are required since they are not affected by CVE-2021-44224.
To protect customers’ websites on other servers, follow the recommendations from the OS vendor/package maintainer and always keep the system up to date.
Plesk has an embedded mechanism to update system packages: Plesk Administrator's Guide: System Updates.

Related Posts

Your Complete .htaccess Guide: Including .htaccess Basics and More

NGINX vs Apache – Which Is the Best Web Server in 2024?

Top Web Servers For Linux And Windows

Knowledge Base

Updating Plesk or system packages on CentOS 8 server fails: Failed to download metadata for repo: Cannot prepare internal mirrorlist: No URLs in mirrorlist

Vulnerability CVE-2021-44790 for Apache HTTP Server

Websites on PHP 7.4 and PHP 8.0 are inaccessible on CloudLinux OS: 504 Gateway Time-out

All websites hosted in Plesk are not accessible over HTTPS: 502 Bad Gateway or ERR_CONNECTION_REFUSED

Hosting Wiki