WG400 W22 – All interactive programs must be placed in a designated directory with appropriate permissions. Details: CGI scripts represent one of the most common and exploitable means of compromising a web server. By definition, CGI...
WG410 W22 – Interactive scripts used on a web server must have proper access controls. Details: The use of CGI scripts represents one of the most common and exploitable means of compromising a web server....
WG430 W22 – Anonymous FTP user access to interactive scripts must be prohibited. Details: The directories containing the CGI scripts, such as PERL, must not be accessible to anonymous users via FTP. This...
WG460 W22 – PERL scripts must use the TAINT option. Details: PERL (Practical Extraction and Report Language) is an interpreted language optimized for scanning arbitrary text files, extracting information from...
WG490 W22 – Java software on production web servers must be limited to class files and the JAVA virtual machine. – ‘Alias – *.java’ Details: From the source code in a .java or a .jpp file, the Java compiler produces a binary file with...
WG350 W22 – A private web server must have a valid DoD server certificate. Details: This check verifies that DoD is a hosted web site’s CA. The certificate is actually a DoD-issued server certificate...
WG490 W22 – Java software on production web servers must be limited to class files and the JAVA virtual machine. – ‘Alias – *.jpp’ Details: From the source code in a .java or a .jpp file, the Java compiler produces a binary file with...
WG490 W22 – Java software on production web servers must be limited to class files and the JAVA virtual machine. – ‘DocumentRoot – *.java’ Details: From the source code in a .java or a .jpp file, the Java compiler produces a binary file with...
WG490 W22 – Java software on production web servers must be limited to class files and the JAVA virtual machine. – ‘DocumentRoot – *.jpp’ Details: From the source code in a .java or a .jpp file, the Java compiler produces a binary file with...
WG490 W22 – Java software on production web servers must be limited to class files and the JAVA virtual machine. – ‘ScriptAlias – *.java’ Details: From the source code in a .java or a .jpp file, the Java compiler produces a binary file with...