WA000-WWA060 W22 – The HTTP request message body size must be limited.
Details Buffer overflow attacks are carried out by a malicious attacker sending amounts of data that the web server cannot...
- Home
- Security Hardening
- DISA STIG Apache Server 2.2 Windows V1R13
DISA STIG Apache Server 2.2 Windows V1R13
WA000-WWA062 W22 – The HTTP request header fields must be limited.
Details Buffer overflow attacks are carried out by a malicious attacker sending amounts of data that the web server cannot...WA000-WWA064 W22 – The HTTP request header field size must be limited.
Details Buffer overflow attacks are carried out by a malicious attacker sending amounts of data that the web server cannot...WA000-WWA066 W22 – The HTTP request line must be limited.
Details Buffer overflow attacks are carried out by a malicious attacker sending amounts of data that the web server cannot...WA00505 W22 – Web Distributed Authoring and Versioning (WebDAV) must be disabled.
Details The Apache mod_dav and mod_dav_fs modules support WebDAV (‘Web-based Distributed Authoring and Versioning’) functionality for Apache. WebDAV is an...WA00510 W22 – Web server status module must be disabled.
Details The Apache mod_info module provides information on the server configuration via access to a /server-info URL location, while the...WA00515 W22 – Automatic directory indexing must be disabled.
Details To identify the type of web servers and versions software installed it is common for attackers to scan for...WA00520 W22 – The web server must not be configured as a proxy server.
Details The Apache proxy modules allow the server to act as a proxy (either forward or reverse proxy) of http...WA00525 W22 – User specific directories must not be globally enabled.
Details The UserDir directive must be disabled so that user home directories are not accessed via the web site with...WA00530 W22 – The process ID (PID) file must be properly secured.
Details The PidFile directive sets the path to the process ID file to which the server records the process ID...