Skip to content
ATO Pathways
  Log In

Guide to the Secure Configuration of Red Hat Enterprise Linux 8

Rules, Groups, and Values defined within the XCCDF Benchmark

  • Configure PERL Securely

    PERL (Practical Extraction and Report Language) is an interpreted language optimized for scanning arbitrary text files, extracting information from...
    Group
    Show

  • Configure HTTP PERL Scripts To Use TAINT Option

    If the <code>mod_perl</code> module is installed, enable Perl Taint checking in <code>/etc/httpd/conf/httpd.conf</code>. To enable Perl Taint check...
    Rule Medium Severity
    Show

  • Configure PHP Securely

    PHP is a widely-used and often misconfigured server-side scripting language. It should be used with caution, but configured appropriately when need...
    Group
    Show

  • Directory Restrictions

    The Directory tags in the web server configuration file allow finer grained access control for a specified directory. All web directories should be...
    Group
    Show

  • Make Each System a Client or a Server, not Both

    If NFS must be used, it should be deployed in the simplest configuration possible to avoid maintainability problems which may lead to unnecessary s...
    Group
    Show

  • Disable rpcbind Service

    The rpcbind utility maps RPC services to the ports on which they listen. RPC processes notify rpcbind when they start, registering the ports they a...
    Rule Low Severity
    Show

  • Web Content Directories Must Not Be Shared Anonymously

    Web content directories should not be shared anonymously over remote filesystems such as <code>nfs</code> and <code>smb</code>. Remove the shares f...
    Rule Medium Severity
    Show

  • Remove Write Permissions From Filesystem Paths And Server Scripts

    Configure permissions for each instance of <code>Alias</code>, <code>ScriptAlias</code>, and <code>ScriptAliasMatch</code> that exist. <pre>$ sudo ...
    Rule High Severity
    Show

  • Disable Anonymous FTP Access

    If any directories that contain dynamic scripts can be accessed via FTP by any group or user that does not require access, remove permissions to su...
    Rule Medium Severity
    Show

  • Ignore HTTPD .htaccess Files

    Set AllowOverride to none for each instant of <Directory>.
    Rule Medium Severity
    Show

Node 2

siemur/test-space

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules