On July 18th, 2016, a CGI application vulnerability, referred to as "HTTPoxy", was disclosed. An attacker can exploit vulnerable deployments by passing an HTTP Proxy header with their request, which will alter the URL used by the application when contacting backing services. This can be used to leak credentials, modify responses to the application, etc.
Here are two simple way to fix it and secure your Directadmin server against the vulnerability.
cd /usr/local/directadmin/custombuild ./build update ./build version ./build rewrite_confs
With this you should have /etc/httpd/conf/extra/httpd-default.conf and /etc/nginx/nginx_limits.conf updated. If the process failed or for any reason you need a manual update, choose the second way:
This is a valid solution for both setups: for standalone Apache and Apache with a NGINX as a front-end.
echo -e "\nRequestHeader unset Proxy early" | tee -a /etc/httpd/conf/extra/httpd-includes.conf service httpd restart
as a Standalone Server with PHP-FPM (only)
echo 'fastcgi_param HTTP_PROXY "";' | tee -a /etc/nginx/fastcgi_params mkdir /usr/local/directadmin/custombuild/custom/nginx/conf/ -p cp -p /etc/nginx/fastcgi_params /usr/local/directadmin/custombuild/custom/nginx/conf/ service nginx restart
For those who needs more information on the subject please refer the following links: