Upgrade or Remove Apache Web Server - macOS Catalina
Our security team runs weekly vulnerability scans via Tenable/Nessus on our environment and all of our Macs have been coming up with multiple vulnerabilities related to the native Apache Web Server being out of date. I am trying to find a way to either update it to a suitable version or remove it entirely from the systems. We do not have a need the Apache web server or related services as we do not do any development that warrants its use, so upgrading it really has no benefit, it would only be to stop the alerts.
I have been in search for a few months trying to come up with a solution to no avail. We are in the process of getting our environment PCI-DSS compliant, and as such, can't ignore this weekly alert. We also cannot upgrade all of our systems to Big Sur just to get around this one issue, that would cause even more issues for the compliance at this stage. One solution that was offered was to ensure the local web server was disabled and to just block the executables from ever running, which we did, but that still left the files on our systems and they continue to pop up each week, which is still a problem for the compliance.
More information from Tenable can be found here: https://www.tenable.com/plugins/nessus/139574
Thanks for any input you might have!