AS24-U1-000010 – The Apache web server must limit the number of allowed simultaneous session requests – KeepAlive
Details Apache web server management includes the ability to control the number of users and user sessions that utilize an...
- Home
- Security Hardening
- DISA STIG Apache Server 2.4 Unix Server V2R5 Middleware
DISA STIG Apache Server 2.4 Unix Server V2R5 Middleware
AS24-U1-000010 – The Apache web server must limit the number of allowed simultaneous session requests – MaxKeepAliveRequests
Details Apache web server management includes the ability to control the number of users and user sessions that utilize an...AS24-U1-000020 – The Apache web server must perform server-side session management – httpd
Details Session management is the practice of protecting the bulk of the user authorization and identity information. This data can...AS24-U1-000020 – The Apache web server must perform server-side session management – session_module
Details Session management is the practice of protecting the bulk of the user authorization and identity information. This data can...AS24-U1-000020 – The Apache web server must perform server-side session management – usertrack_module
Details Session management is the practice of protecting the bulk of the user authorization and identity information. This data can...AS24-U1-000030 – The Apache web server must use cryptography to protect the integrity of remote sessions – ssl_module
Details Data exchanged between the user and the Apache web server can range from static display data to credentials used...AS24-U1-000030 – The Apache web server must use cryptography to protect the integrity of remote sessions – SSLProtocol
Details Data exchanged between the user and the Apache web server can range from static display data to credentials used...AS24-U1-000065 – The Apache web server must have system logging enabled.
Details The server error logs are invaluable because they can also be used to identify potential problems and enable proactive...AS24-U1-000070 – The Apache web server must generate, at a minimum, log records for system startup and shutdown, system access, and system authentication events – log_config_module
Details Log records can be generated from various components within the Apache web server (e.g., httpd, plug-ins to external backends,...AS24-U1-000230 – Expansion modules must be fully reviewed, tested, and signed before they can exist on a production Apache web server.
Details In the case of a production web server, areas for content development and testing will not exist, as this...