Home
Security Hardening
CIS Apache HTTP Server 2 2 L2 V3 6.0 Middleware

CIS Apache HTTP Server 2 2 L2 V3 6.0 Middleware

Ensure Access to Inappropriate File Extensions Is Restricted – ‘httpd.conf approved extention FileMatch directive exists’
Details Restrict access to inappropriate file extensions that are not expected to be a legitimate part of web sites using...
Ensure Access to Inappropriate File Extensions Is Restricted – ‘httpd.conf FileMatch directive configuration’
Details Restrict access to inappropriate file extensions that are not expected to be a legitimate part of web sites using...
Ensure Access to Inappropriate File Extensions Is Restricted – ‘httpd.conf FileMatch directive Require all denied’
Details Restrict access to inappropriate file extensions that are not expected to be a legitimate part of web sites using...
Ensure All Default Apache Content Is Removed – ‘httpd.conf Alias /icons/ /var/www/icons/ does not exists’
Details In previous recommendations, we have removed default content such as the Apache manuals and default CGI programs. However, if...
Ensure All Default Apache Content Is Removed – ‘httpd.conf Include conf/extra/httpd-autoindex.conf does not exists’
Details In previous recommendations, we have removed default content such as the Apache manuals and default CGI programs. However, if...
Ensure Apache Processes Run in the httpd_t Confined Context
Details SELinux includes customizable targeted policies that may be used to confine the Apache httpd server to enforce least privileges...
Ensure a Syslog Facility Is Configured for Error Logging – ‘httpd.conf Syslog is configured’
Details The ‘ErrorLog’ directive should be configured to send web server error logs to a ‘syslog’ facility so the logs...
Ensure Browser Framing Is Restricted
Details The Header directive allows server HTTP response headers to be added, replaced, or merged. Use the directive to add...
Ensure ETag Response Header Fields Do Not Include Inodes
Details The FileETag directive configures the file attributes that are used to create the ETag (entity tag) response header field...
Ensure HTTP Strict Transport Security Is Enabled – ‘httpd.conf Strict-Transport-Security configuration’
Details HTTP Strict Transport Security (HSTS) is an optional web server security policy mechanism specified by an HTTP Server header....

CIS Apache HTTP Server 2 2 L2 V3 6.0 Middleware

Ensure Access to Inappropriate File Extensions Is Restricted – ‘httpd.conf approved extention FileMatch directive exists’

Ensure Access to Inappropriate File Extensions Is Restricted – ‘httpd.conf FileMatch directive configuration’

Ensure Access to Inappropriate File Extensions Is Restricted – ‘httpd.conf FileMatch directive Require all denied’

Ensure All Default Apache Content Is Removed – ‘httpd.conf Alias /icons/ /var/www/icons/ does not exists’

Ensure All Default Apache Content Is Removed – ‘httpd.conf Include conf/extra/httpd-autoindex.conf does not exists’

Ensure Apache Processes Run in the httpd_t Confined Context

Ensure a Syslog Facility Is Configured for Error Logging – ‘httpd.conf Syslog is configured’

Ensure Browser Framing Is Restricted

Ensure ETag Response Header Fields Do Not Include Inodes

Ensure HTTP Strict Transport Security Is Enabled – ‘httpd.conf Strict-Transport-Security configuration’