Establishing security for HTTP protocol version fallback
HTTP protocol version fallback (downgrading) occurs when the server falls back to an older version of the HTTP protocol while communicating with a client. This fallback weakens security because older protocol versions may lack security features that newer versions provide. To reduce this risk, ensure that the server consistently uses the configured secure protocol version end to end.
To protect against HTTP protocol version fallback, set the value of allowProtocolVersionFallback in the eqaprof.env file: true allows fallback, false does not allow it. For example:
allowProtocolVersionFallback=false
To find out which protocol version the server is currently using, check STDOUT in the EQAPROF job log.
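As an added example (not part of this documentation or the product), the following POSIX shell script audits a copy of eqaprof.env for the allowProtocolVersionFallback setting and distinguishes an explicit false from an explicit true or an absent or commented-out key. The sample env files are constructed here so the script runs offline. Two assumptions are not stated on this page: that a later assignment of the same key overrides an earlier one, and that an absent key should be reported as unset rather than mapped to a product default (the default is not documented here, so the script does not guess it).

```shell
# Added example, not product code: audit eqaprof.env for
# allowProtocolVersionFallback. Sample files below are constructed.

# fallback_setting FILE
# Prints the value of allowProtocolVersionFallback found in FILE:
#   "false" - fallback explicitly disabled (the desired state)
#   "true"  - fallback explicitly allowed
#   "unset" - key absent or commented out; no product default is assumed
# Assumption: when the key appears more than once, the last
# uncommented assignment wins.
fallback_setting() {
    value=$(sed -n \
        's/^[[:space:]]*allowProtocolVersionFallback[[:space:]]*=[[:space:]]*\([^[:space:]#]*\).*/\1/p' \
        "$1" | tail -n 1)
    case "$value" in
        "") echo unset ;;
        *)  printf '%s\n' "$value" | tr '[:upper:]' '[:lower:]' ;;
    esac
}

# fallback_disabled FILE
# Succeeds (exit 0) only when fallback is explicitly set to false;
# an unset key is treated as not disabled, so it is reported too.
fallback_disabled() {
    [ "$(fallback_setting "$1")" = "false" ]
}

# --- constructed sample env files (not real EQAPROF configurations) ---
tmpdir=$(mktemp -d)

cat > "$tmpdir/secure.env" <<'EOF'
# eqaprof.env (constructed sample): fallback disabled
allowProtocolVersionFallback=false
EOF

cat > "$tmpdir/weak.env" <<'EOF'
# constructed sample: fallback allowed
allowProtocolVersionFallback=true
EOF

cat > "$tmpdir/missing.env" <<'EOF'
# constructed sample: key commented out, so it is not in effect
# allowProtocolVersionFallback=false
EOF

# Report each file; a non-false result is what an auditor should flag.
for name in secure weak missing; do
    file="$tmpdir/$name.env"
    if fallback_disabled "$file"; then
        state="OK (fallback disabled)"
    else
        state="FLAG (fallback not explicitly disabled)"
    fi
    printf '%s: allowProtocolVersionFallback=%s -> %s\n' \
        "$name" "$(fallback_setting "$file")" "$state"
done
```

Run the script against a real copy of eqaprof.env by calling fallback_setting or fallback_disabled with its path; any result other than false means the server may still be allowed to fall back to an older HTTP version.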