Ensure the Apache Web Server Runs As a Non-Root User – ‘apache account is configured’
Details Although Apache is typically started with root privileges in order to listen on port 80 and 443, it can...
- Home
- Security Hardening
- CIS Apache HTTP Server 2.4 L1 V2.0.0
CIS Apache HTTP Server 2.4 L1 V2.0.0
Ensure the Apache Web Server Runs As a Non-Root User – ‘httpd.conf Group = apache’
Details Although Apache is typically started with root privileges in order to listen on port 80 and 443, it can...Ensure the Apache Web Server Runs As a Non-Root User – ‘httpd services are running as apache user’
Details Although Apache is typically started with root privileges in order to listen on port 80 and 443, it can...Ensure the Autoindex Module Is Disabled
Details The Apache autoindex module automatically generates web page listing the contents of directories on the server, typically used so...Ensure the Basic and Digest Authentication Modules are Disabled – auth_basic_module
Details The Apache mod_auth_basic and mod_auth_digest modules support HTTP Basic Authentication and HTTP Digest Authentication respectively. The two authentication protocols...Ensure the Basic and Digest Authentication Modules are Disabled – auth_digest_module
Details The Apache mod_auth_basic and mod_auth_digest modules support HTTP Basic Authentication and HTTP Digest Authentication respectively. The two authentication protocols...Ensure the Core Dump Directory Is Secured
Details The CoreDumpDirectory directive is used to specify the directory Apache attempts to switch to before creating the core dump....Ensure the Info Module Is Disabled
Details The Apache mod_info module provides information on the server configuration via access to a /server-info URL location. Rationale: While...Ensure the Lock File Is Secured – ‘LockFile directory’
Details The Mutex directive sets the locking mechanism used to serialize access to resources. It may be used to specify...Ensure the Lock File Is Secured – ‘LockFile on local hard drive’
Details The Mutex directive sets the locking mechanism used to serialize access to resources. It may be used to specify...