When I enter an invalid URL (e.g. https://example.com/cgi-bin/myapp/invalid) I get a "
WebSpeed error from messenger process (6019)
Msngr: the specified service name does not exist or has a bad format. (5825): myapp" message, but it returns "HTTP/1.1 200 OK".
This is OK for people, but we are using a vulnerability scanner and when it tries " https://example.com/cgi-bin/myapp/known_vulnerability" the "HTTP/1.1 200 OK" indicates that "known_vulnerability" exists on my machine.
Is there a setting that allows me to return a "404" or similar in this case/ Am I way off base in my thinking? Any help would be appreciated.