Looking for some help to determine if I can configure Apache 2.0.59 to address a couple Cross Site Scripting (XSS) vulnerabilities. I'm not able to upgrade to a later version, so I'm trying to understand if there is functionality within this version to address the XSS issue.
I have 2 specific issues:
1. Validating input (whitelisting acceptable characters)
2. Sanitizing or encoding output (For instance, the character < would be encoded as < which would be displayed by the browser as the “less-than” character instead of being interpreted as the start
of an HTML tag.)
I am not an experienced apache administrator, so any help would be most appreciated.