My site report says 2 PCI Failing vulnerabilities have been found; they both relate to a Cloudflare IP. The vulnerability report “solution” is as follows:
THREAT:
Your firewall policy seems to let TCP packets with a specific source port pass through.
SOLUTION:
“Make sure that all your filtering rules are correct and strict enough. If the firewall intends to deny TCP connections to a specific port, it should be configured to block all TCP SYN packets going to this port, regardless of the source port.”
AND
THREAT:
A file, directory, or directory listing was discovered on the Web server. These resources are confirmed to be present based on our logic. Some of the content on these files might have sensitive information.
NOTE: Links found in 150004 are found by forced crawling so will not automatically be added to 150009 Links Crawled or the application site map. If links found in 150004 need to be tested they must be added as Explicit URI so they are included in scope and then will be reported in 150009. Once the link is added to be in scope (i.e. Explicit URI) this same link will no longer be reported for 150004.
SOLUTION:
It is advised to review the contents of the disclosed files. If the contents contain sensitive information, please verify that access to this file or directory is permitted. If necessary, remove it or apply access controls to it.
I have no idea how to implement these “fixes”. Can anyone assist with some instruction, please?