IISW-SI-000234 – Debugging and trace information used to diagnose the IIS 8.5 website must be disabled.

Details

Setting compilation debug to false ensures detailed error information does not inadvertently display during live application usage, mitigating the risk of application information being displayed to users.

Solution

Follow the procedures below for each site hosted on the IIS 8.5 web server:

Open the IIS 8.5 Manager.

Click the site name under review.

Double-click ‘.NET Compilation’.

Scroll down to the ‘Behavior’ section and set the value for ‘Debug’ to ‘False’.

Supportive Information

The following resource is also helpful.

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_MS_IIS_8-5_Y20M10_STIG.zip

This security hardening control applies to the following category of controls within NIST 800-53: System and Information Integrity.This control applies to the following type of system Windows.

References

800-53|SI-11a.
CAT|II
CCI|CCI-001312
Rule-ID|SV-214473r508659_rule
STIG-ID|IISW-SI-000234
STIG-Legacy|SV-91533
STIG-Legacy|V-76837
Vuln-ID|V-214473

Source

Tenable.com/audits

Updated on July 16, 2022

Was this article helpful?

Yes No

Details

Solution

Supportive Information

References

Source

Related Articles