Skip to content
Search to learn about InterSystems products and solutions, career opportunities, and more. Results include content from our developer community, product documentation and education websites in addition to InterSystems.com.

Advisory: Apache Web Server provided with InterSystems kits – Vulnerability reports

November 19, 2021 - Advisory: Apache Web Server provided with InterSystems kits – Vulnerability reports

InterSystems kits include an Apache web server, which provides a convenient way for customers to interact with the Caché/IRIS Management Portal without needing to install an external web server; however, this web server should never be used for production instances, and customers must install a web server that fits their specific needs and security/risk requirements.

Recent tests have noted some security issues with the currently included Apache web server. Because this is a third-party technology that InterSystems does not control, InterSystems recommends installing a web server version directly obtained from Apache or another third party and disabling the included Apache web server. Our product documentation includes instructions on how to disable the web server provided with our kits. In addition, Apache also offers uninstall instructions that can be found on the Apache website.

InterSystems plans to include a more recent version of the Apache web server in upcoming releases. Similar to the current version, this version also cannot be used for production instances. In future releases of our products, InterSystems will not ship or install any web server; we will provide further updates with the specifics of our plans.

Latest Alerts & Advisories

Sign Up Today

Receive notifications on support alerts, critical issues,
fixes, and product releases.
*Required Fields
Highlighted fields are required
*Required Fields
Highlighted fields are required
By submitting this form, you give consent to receive notifications concerning support alerts, critical issues, important updates, fixes, and product releases via email. In addition, you consent to your business contact information being entered into our CRM solution that is hosted in the United States, but maintained consistent with applicable data protection laws.
**By clicking here, you give consent to be contacted for news, updates and other marketing purposes related to existing and future InterSystems products, offerings, and events.