Guide to the Secure Configuration of Red Hat Enterprise Linux 7
Rules, Groups, and Values defined within the XCCDF Benchmark
-
Configure HTTP PERL Scripts To Use TAINT Option
If the <code>mod_perl</code> module is installed, enable Perl Taint checking in <code>/etc/httpd/conf/httpd.conf</code>. To enable Perl Taint check...Rule Medium Severity -
Configure PHP Securely
PHP is a widely-used and often misconfigured server-side scripting language. It should be used with caution, but configured appropriately when need...Group -
Directory Restrictions
The Directory tags in the web server configuration file allow finer grained access control for a specified directory. All web directories should be...Group -
Web Content Directories Must Not Be Shared Anonymously
Web content directories should not be shared anonymously over remote filesystems such as <code>nfs</code> and <code>smb</code>. Remove the shares f...Rule Medium Severity -
Remove Write Permissions From Filesystem Paths And Server Scripts
Configure permissions for each instance of <code>Alias</code>, <code>ScriptAlias</code>, and <code>ScriptAliasMatch</code> that exist. <pre>$ sudo ...Rule High Severity -
Disable Anonymous FTP Access
If any directories that contain dynamic scripts can be accessed via FTP by any group or user that does not require access, remove permissions to su...Rule Medium Severity -
Ignore HTTPD .htaccess Files
SetAllowOverridetononefor each instant of<Directory>.Rule Medium Severity -
Limit Available Methods
Web server methods are defined in section 9 of RFC 2616 ( <a href="http://www.ietf.org/rfc/rfc2616.txt">http://www.ietf.org/rfc/rfc2616.txt</a>...Rule Unknown Severity -
Restrict Other Critical Directories
All accessible web directories should be configured with similarly restrictive settings. The <code>Options</code> directive should be limited to ne...Rule Unknown Severity -
Restrict Root Directory
The <code>httpd</code> root directory should always have the most restrictive configuration enabled. <pre><Directory / > Options None A...Rule Unknown Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.
Capacity
Modules