Ensure the Log Config Module Is Enabled
Details The log_config module provides for flexible logging of client requests, and provides for the configuration of the information in...
- Home
- Security Hardening
- CIS Apache HTTP Server 2.4 L1 V2.0.0
CIS Apache HTTP Server 2.4 L1 V2.0.0
Ensure the Lock File Is Secured – ‘LockFile permissions’
Details The Mutex directive sets the locking mechanism used to serialize access to resources. It may be used to specify...Ensure the Pid File Is Secured – ‘PidFile directory’
Details The PidFile directive sets the file path to the process ID file to which the server records the process...Ensure the Pid File Is Secured – ‘PidFile permissions’
Details The PidFile directive sets the file path to the process ID file to which the server records the process...Ensure the Proxy Modules Are Disabled
Details The Apache proxy modules allow the server to act as a proxy (either forward or reverse proxy) of HTTP...Ensure the ScoreBoard File Is Secured
Details The ScoreBoardFile directive sets a file path which the server will use for inter-process communication (IPC) among the Apache...Ensure the Server Is Not a Multi-Use System
Details Default server configurations often expose a wide variety of services unnecessarily increasing the risk to the system. Just because...Ensure the Status Module Is Disabled
Details The Apache mod_status module provides current server performance statistics. Rationale: When mod_status is loaded into the server, its handler...Ensure the User Directories Module Is Disabled
Details The UserDir directive must be disabled so that user home directories are not accessed via the web site with...Ensure the WebDAV Modules Are Disabled
Details The Apache mod_dav and mod_dav_fs modules support WebDAV (‘Web-based Distributed Authoring and Versioning’) functionality for Apache. WebDAV is an...