Ensure Appropriate Access to Web Content Is Allowed – ‘httpd.conf Deny is configured’
Details In order to serve web content, the Apache ‘Allow’ directive will need to be used to allow for appropriate...
- Home
- Security Hardening
- CIS Apache HTTP Server 2.2 L2 V3 6.0
CIS Apache HTTP Server 2.2 L2 V3 6.0
Ensure Appropriate Access to Web Content Is Allowed – ‘httpd.conf Order Deny,Allow’
Details In order to serve web content, the Apache ‘Allow’ directive will need to be used to allow for appropriate...Ensure Appropriate Access to Web Content Is Allowed – ‘No Order/Deny/Allow’
Details In order to serve web content, the Apache ‘Allow’ directive will need to be used to allow for appropriate...Ensure Appropriate Access to Web Content Is Allowed – ‘Require is configured’
Details In order to serve web content, the Apache ‘Allow’ directive will need to be used to allow for appropriate...Ensure Group Write Access for the Apache Directories and Files Is Properly Restricted
Details Group permissions on Apache directories should generally be ‘r-x’, and file permissions should be similar, except not executable if...Ensure Group Write Access for the Document Root Directories and Files Is Properly Restricted
Details The Apache Document Root directory ‘$DOCROOT’ may need to be writeable by an authorized group such as development, support,...Ensure Only Necessary Authentication and Authorization Modules Are Enabled – ‘auth*’
Details The Apache 2.2 modules for authentication and authorization have been refactored to provide finer granularity and more consistent and...Ensure Only Necessary Authentication and Authorization Modules Are Enabled – ‘LDAP’
Details The Apache 2.2 modules for authentication and authorization have been refactored to provide finer granularity and more consistent and...Ensure Options for Other Directories Are Minimized
Details The Apache ‘Options’ directive allows for specific configuration of options, including execution of CGI, following symbolic links, server side...Ensure Options for the OS Root Directory Are Restricted
Details The Apache ‘Options’ directive allows for specific configuration of options, including execution of CGI, following symbolic links, server side...