VCLD-67-000016 – VAMI must only load allowed server modules – mod_rewrite. Details: A web server can provide many features, services, and processes. Some of these may be deemed unnecessary or too...
VCLD-67-000001 – VAMI must limit the number of simultaneous requests. Details: Denial of service (DoS) is one threat against web servers. Many DoS attacks attempt to consume web server resources...
VCLD-67-000016 – VAMI must only load allowed server modules – mod_setenv. Details: A web server can provide many features, services, and processes. Some of these may be deemed unnecessary or too...
VCLD-67-000002 – VAMI must be configured with FIPS 140-2 compliant ciphers for HTTPS connections. Details: Encryption of data in flight is an essential element of protecting information confidentiality. If a web server uses weak...
VCLD-67-000017 – VAMI must have Multipurpose Internet Mail Extensions (MIME) that invoke OS shell programs disabled. Details: Controlling what a user of a hosted application can access is part of the security posture of the web...
VCLD-67-000003 – VAMI must use cryptography to protect the integrity of remote sessions. Details: Data exchanged between the user and the web server can range from static display data to credentials used to...
VCLD-67-000004 – VAMI must be configured to monitor remote access. Details: Remote access can be exploited by an attacker to compromise the server. By recording all remote access activities, it...
VCLD-67-000005 – VAMI must generate log records for system startup and shutdown. Details: Logging must be started as soon as possible when a service starts and when a service is stopped. Many...
VCLD-67-000006 – VAMI must produce log records containing sufficient information to establish what type of events occurred. Details: After a security incident has occurred, investigators will often review log files to determine what happened. Understanding what type...
VCLD-67-000011 – VAMI log files must only be accessible by privileged users – access.log. Details: Log data is essential in the investigation of events. If log data were to become compromised, competent forensic analysis...