Ensure ETag Response Header Fields Do Not Include Inodes
Details: The FileETag directive configures the file attributes that are used to create the ETag (entity tag) response header field...

Ensure HTTP Strict Transport Security Is Enabled
Details: HTTP Strict Transport Security (HSTS) is an optional web server security policy mechanism specified by an HTTP Server header....

Ensure IP Address Based Requests Are Disallowed – [L,F] exists’
Details: The Apache module mod_rewrite can be used to disallow access for requests that use an IP address instead of...

Ensure IP Address Based Requests Are Disallowed – ‘httpd.conf RewriteCond %{HTTP_HOST} exists’
Details: The Apache module mod_rewrite can be used to disallow access for requests that use an IP address instead of...

Ensure IP Address Based Requests Are Disallowed – ‘httpd.conf RewriteCond %{REQUEST_URI} exists’
Details: The Apache module mod_rewrite can be used to disallow access for requests that use an IP address instead of...

Ensure IP Address Based Requests Are Disallowed – ‘httpd.conf RewriteEngine = on’
Details: The Apache module mod_rewrite can be used to disallow access for requests that use an IP address instead of...

Ensure ModSecurity Is Installed and Enabled
Details: ModSecurity is an open source web application firewall (WAF) for real-time web application monitoring, logging, and access control. It...

Ensure OCSP Stapling Is Enabled – SSLStaplingCache
Details: The OCSP (Online Certificate Status Protocol) provides the current revocation status of an X.509 certificate and allows for a...

Ensure OCSP Stapling Is Enabled – SSLUseStapling
Details: The OCSP (Online Certificate Status Protocol) provides the current revocation status of an X.509 certificate and allows for a...

Ensure Only Cipher Suites That Provide Forward Secrecy Are Enabled
Details: In cryptography, forward secrecy (FS), which is also known as perfect forward secrecy (PFS), is a feature of specific...