In September of 2014, the eFolder team posted a Service Advisory asking private cloud partners to upgrade from Apache HTTP Server version 2.2 to Apache HTTP Server version 2.4. If you are a private cloud partner who did not upgrade before the Anchor 2.5.1 release, you must manually upgrade to avoid security vulnerabilities.
If you have questions about the version of your Anchor or Apache server, please contact eFolder Support.
Possible Security Vulnerabilities
If you are a private cloud partner who did not upgrade from Apache HTTP Server version before the 2.5.1 release, you will not receive future updates to OpenSSL. This can cause security vulnerabilities and interfere with compliance regulations.
- Download the latest Anchor Server version, but do not install. The latest Anchor Server version can be found at http://download.anchorworks.com/AnchorServer-[latest Anchor Server version number]. For example, if the latest Anchor Server version is 22.214.171.1242, you will navigate to: http://download.anchorworks.com/AnchorServer-126.96.36.1992.exe. The latest Anchor Server version is listed in [Target Drive]:\Anchor Server\conf\update.ini found on your Anchor private cloud server.
- On the Anchor server, launch regedit and browse to:
Note: We recommend backing up the registry before making changes.
- Update the Version value to 2.5.0.
- Run the Anchor Server installer and follow instructions in the Installer Wizard.
Note: We recommend creating a copy of Anchor’s http.config file before running the Installer Wizard.