PCI audit found this on our pi-hole server

PCI audit found this on our pi-hole server

We have a raspberrypi for desktop debian os with pi-hole installed.

PCI audit conducted a test and found these vulnerabilities on our pi-hole.

How can we rectify these findings on pi-hole?

image

https://discourse.pi-hole.net/t/enabling-https-for-your-pi-hole-web-interface/577
is your pi-hole device web-facing?

our pi-hole is accessible only locally.

You may find this thread to be helpful: