How to disable Apache JServ Protocol (AJP) to address CVE-2020-1938 Ghostcat

  • Updated

Objective

Disable Apache JServ Protocol (AJP) within a Contrast Enterprise on Premise Server. 

Process

1. Open the file that controls the AJP configuration in a text editor
   $CONTRAST_HOME/data/conf/server.properties

2. Edit the the AJP settings to set ajp.enabled to false

ajp.enabled=true
ajp.port=8009

3. Save the file

4. Restart your TeamServer

Restart Contrast on Linux by running:

sudo service contrast-server restart

Restart Contrast on Windows by running:

net stop "Contrast Server"

Once the service is completely shutdown on Windows, run:

net start "Contrast Server"

 

Related Documentation

Was this article helpful?

0 out of 0 found this helpful

Have more questions? Submit a request