Ensure the Group Is Set Correctly on Apache Directories and Files
Details The Apache directories and files should be set to have a group Id of root, (or a root equivalent)...
- Home
- Security Hardening
- CIS Apache HTTP Server 2.4 L1 V2.0.0 Middleware
CIS Apache HTTP Server 2.4 L1 V2.0.0 Middleware
Ensure the HTTP TRACE Method Is Disabled
Details Use the Apache TraceEnable directive to disable the HTTP TRACE request method. Rationale: The HTTP 1.1 protocol requires support...Ensure the Info Module Is Disabled
Details The Apache mod_info module provides information on the server configuration via access to a /server-info URL location. Rationale: While...Ensure the Lock File Is Secured – configured
Details The Mutex directive sets the locking mechanism used to serialize access to resources. It may be used to specify...Ensure the Lock File Is Secured – permissions
Details The Mutex directive sets the locking mechanism used to serialize access to resources. It may be used to specify...Ensure the Log Config Module Is Enabled
Details The log_config module provides for flexible logging of client requests, and provides for the configuration of the information in...Ensure the Pid File Is Secured – ‘PidFile directory’
Details The PidFile directive sets the file path to the process ID file to which the server records the process...Ensure the Pre-Installation Planning Checklist Has Been Implemented
Details Review and implement the following items as appropriate: Reviewed and implemented company’s security policies as they relate to web...Ensure the Proxy Modules Are Disabled
Details The Apache proxy modules allow the server to act as a proxy (either forward or reverse proxy) of HTTP...Ensure the ScoreBoard File Is Secured
Details The ScoreBoardFile directive sets a file path which the server will use for inter-process communication (IPC) among the Apache...