Hi Guys,

During a security assesment realized last week the auditors find and show some security problems in a report on my Zimbra production environment, published in the Web.

My team focus some days to fix the problems but some points of the report simply we can´t fix because we don´t find some parts of Zimbra that let the errors occurs.

Please, I want help to:

Disable HTTP Options Method from Joomla (I had modified both httpd.config that i find, but the method still appears on Nmap).
Change 404 and 403 Errors pages cause then show some technologies of my Server.

Thanks for Help!

Additional Information:
Zimbra 5.0.11_GA_2695
Apache/2.2.3