AS24-U1-000210 – The log data and records from the Apache web server must be backed up onto a different system or media.

Details

Protection of log data includes ensuring log data is not accidentally lost or deleted. Backing up log records to an unrelated system or onto separate media than the system the web server is actually running on helps to ensure that, in the event of a catastrophic system failure, the log records will be retained.

NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.

Solution

Document the web server backup procedures.

Supportive Information

The following resource is also helpful.

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_Apache_Server_2-4_UNIX_Y22M01_STIG.zip

This security hardening control applies to the following category of controls within NIST 800-53: Audit and Accountability.This control applies to the following type of system Unix.

References

800-53|AU-9(2)
CAT|II
CCI|CCI-001348
Rule-ID|SV-214237r612240_rule
STIG-ID|AS24-U1-000210
STIG-Legacy|SV-102723
STIG-Legacy|V-92635
Vuln-ID|V-214237

Source

Tenable.com/audits

Updated on July 16, 2022

Was this article helpful?

Yes No

Details

Solution

Supportive Information

References

Source

Related Articles