Home
Security Hardening
CIS Apache HTTP Server 2.4 L2 V2.0.0

CIS Apache HTTP Server 2.4 L2 V2.0.0

Ensure Access to Inappropriate File Extensions Is Restricted – ‘httpd.conf approved extention FileMatch directive exists’
Details Restrict access to inappropriate file extensions that are not expected to be a legitimate part of web sites using...
Ensure Access to Inappropriate File Extensions Is Restricted – ‘httpd.conf FileMatch directive’
Details Restrict access to inappropriate file extensions that are not expected to be a legitimate part of web sites using...
Ensure All Default Apache Content Is Removed – ‘httpd.conf Alias /icons/ /var/www/icons/ does not exist’
Details In previous recommendations, we have removed default content such as the Apache manuals and default CGI programs. However, if...
Ensure All Default Apache Content Is Removed – ‘httpd.conf Include conf/extra/httpd-autoindex.conf does not exists’
Details In previous recommendations, we have removed default content such as the Apache manuals and default CGI programs. However, if...
Ensure Apache AppArmor Profile is in Enforce Mode
Details AppArmor profiles may be in one of three modes: disabled, complain or enforce. In the complain mode, any violations...
Ensure Apache Processes Run in the httpd_t Confined Context – apachectl
Details SELinux includes customizable targeted policies that may be used to confine the Apache httpd server to enforce least privileges...
Ensure Apache Processes Run in the httpd_t Confined Context – httpd
Details SELinux includes customizable targeted policies that may be used to confine the Apache httpd server to enforce least privileges...
Ensure a Syslog Facility Is Configured for Error Logging – ‘Main’
Details The ErrorLog directive should be configured to send logs to a syslog facility so that the logs can be...
Ensure a Syslog Facility Is Configured for Error Logging – ‘VirtualHost’
Details The ErrorLog directive should be configured to send logs to a syslog facility so that the logs can be...
Ensure Browser Framing Is Restricted
Details To prevent Clickjacking or UI Redressing attacks, it’s important for the server to include an HTTP header which instructs...

CIS Apache HTTP Server 2.4 L2 V2.0.0

Ensure Access to Inappropriate File Extensions Is Restricted – ‘httpd.conf approved extention FileMatch directive exists’

Ensure Access to Inappropriate File Extensions Is Restricted – ‘httpd.conf FileMatch directive’

Ensure All Default Apache Content Is Removed – ‘httpd.conf Alias /icons/ /var/www/icons/ does not exist’

Ensure All Default Apache Content Is Removed – ‘httpd.conf Include conf/extra/httpd-autoindex.conf does not exists’

Ensure Apache AppArmor Profile is in Enforce Mode

Ensure Apache Processes Run in the httpd_t Confined Context – apachectl

Ensure Apache Processes Run in the httpd_t Confined Context – httpd

Ensure a Syslog Facility Is Configured for Error Logging – ‘Main’

Ensure a Syslog Facility Is Configured for Error Logging – ‘VirtualHost’

Ensure Browser Framing Is Restricted