Home
Security Hardening
DISA STIG Apache Server 2.4 Unix Server V2R5

DISA STIG Apache Server 2.4 Unix Server V2R5

AS24-U1-000440 – Apache web server application directories, libraries, and configuration files must only be accessible to privileged users.
Details By separating Apache web server security functions from non-privileged users, roles can be developed that can then be used...
AS24-U1-000270 – The Apache web server must provide install options to exclude the installation of documentation, sample code, example applications, and tutorials – httpd-manual package
Details Apache web server documentation, sample code, example applications, and tutorials may be an exploitable threat to an Apache web...
AS24-U1-000270 – The Apache web server must provide install options to exclude the installation of documentation, sample code, example applications, and tutorials – Other SetHandler config
Details Apache web server documentation, sample code, example applications, and tutorials may be an exploitable threat to an Apache web...
AS24-U1-000270 – The Apache web server must provide install options to exclude the installation of documentation, sample code, example applications, and tutorials – server-info
Details Apache web server documentation, sample code, example applications, and tutorials may be an exploitable threat to an Apache web...
AS24-U1-000270 – The Apache web server must provide install options to exclude the installation of documentation, sample code, example applications, and tutorials – server-status
Details Apache web server documentation, sample code, example applications, and tutorials may be an exploitable threat to an Apache web...
AS24-U1-000270 – The Apache web server must provide install options to exclude the installation of documentation, sample code, example applications, and tutorials – Welcome page
Details Apache web server documentation, sample code, example applications, and tutorials may be an exploitable threat to an Apache web...
AS24-U1-000300 – The Apache web server must have resource mappings set to disable the serving of certain file types.
Details Resource mapping is the process of tying a particular file type to a process in the web server that...
AS24-U1-000310 – The Apache web server must allow the mappings to unused and vulnerable scripts to be removed.
Details Scripts allow server-side processing on behalf of the hosted application user or as processes needed in the implementation of...
AS24-U1-000330 – The Apache web server must have Web Distributed Authoring (WebDAV) disabled.
Details A web server can be installed with functionality that, by its nature, is not secure. WebDAV is an extension...
AS24-U1-000360 – The Apache web server must be configured to use a specified IP address and port – IP or Port Only
Details The web server must be configured to listen on a specified IP address and port. Without specifying an IP...

Prev Next

DISA STIG Apache Server 2.4 Unix Server V2R5

AS24-U1-000440 – Apache web server application directories, libraries, and configuration files must only be accessible to privileged users.

AS24-U1-000270 – The Apache web server must provide install options to exclude the installation of documentation, sample code, example applications, and tutorials – httpd-manual package

AS24-U1-000270 – The Apache web server must provide install options to exclude the installation of documentation, sample code, example applications, and tutorials – Other SetHandler config

AS24-U1-000270 – The Apache web server must provide install options to exclude the installation of documentation, sample code, example applications, and tutorials – server-info

AS24-U1-000270 – The Apache web server must provide install options to exclude the installation of documentation, sample code, example applications, and tutorials – server-status

AS24-U1-000270 – The Apache web server must provide install options to exclude the installation of documentation, sample code, example applications, and tutorials – Welcome page

AS24-U1-000300 – The Apache web server must have resource mappings set to disable the serving of certain file types.

AS24-U1-000310 – The Apache web server must allow the mappings to unused and vulnerable scripts to be removed.

AS24-U1-000330 – The Apache web server must have Web Distributed Authoring (WebDAV) disabled.

AS24-U1-000360 – The Apache web server must be configured to use a specified IP address and port – IP or Port Only