WA00565 A22 – HTTP request methods must be limited – Deny
Details: The HTTP 1.1 protocol supports several request methods which are rarely used and potentially high risk. For example, methods...

WA00565 A22 – HTTP request methods must be limited – LimitExcept
Details: The HTTP 1.1 protocol supports several request methods which are rarely used and potentially high risk. For example, methods...

WA00565 A22 – HTTP request methods must be limited – Order
Details: The HTTP 1.1 protocol supports several request methods which are rarely used and potentially high risk. For example, methods...

WA060 A22 – A public web server, if hosted on the NIPRNet, must be isolated in an accredited DoD DMZ Extension.
Details: To minimize exposure of private assets to unnecessary risk by attackers, public web servers must be isolated from internal...

WA070 A22 – A private web server must be located on a separate controlled access subnet.
Details: Private web servers, which host sites that serve controlled access data, must be protected from outside threats in addition...

WA230 A22 – The Web site software used with the web server must have all applicable security patches applied and documented.
Details: The IAVM process does not address all patches that have been identified for the host operating system or, in...

WA120 A22 – Administrative users and groups that have access rights to the web server must be documented.
Details: There are typically several individuals and groups that are involved in running a production web server. These accounts must...

WA140 A22 – Web server content and configuration files must be part of a routine backup program.
Details: Backing up web server data and web server application software after upgrades or maintenance ensures that recovery can be...