Apache Server 2.4 UNIX Site Security Technical Implementation Guide
Rules, Groups, and Values defined within the XCCDF Benchmark
-
The Apache web server must restrict inbound connections from nonsecure zones.
Remote access to the Apache web server is any access that communicates through an external, non-organization-controlled network. Remote access can be used to access hosted applications or to perfor...Rule Medium Severity -
SRG-APP-000340-WSR-000029
Group -
SRG-APP-000380-WSR-000072
Group -
SRG-APP-000427-WSR-000186
Group -
SRG-APP-000439-WSR-000153
Group -
The Apache web server cookies, such as session cookies, sent to the client using SSL/TLS must not be compressed.
A cookie is used when a web server needs to share data with the client's browser. The data is often used to remember the client when the client returns to the hosted application at a later date. A ...Rule Medium Severity -
SRG-APP-000439-WSR-000155
Group -
SRG-APP-000516-WSR-000174
Group -
The Apache web server must perform server-side session management.
Session management is the practice of protecting the bulk of the user authorization and identity information. This data can be stored on the client system or on the server. When the session info...Rule Medium Severity -
The Apache web server must produce log records containing sufficient information to establish what type of events occurred.
Apache web server logging capability is critical for accurate forensic analysis. Without sufficient and accurate information, a correct replay of the events cannot be determined. Ascertaining th...Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.