Skip to content
ATO Pathways
  Log In

Guide to the Secure Configuration of Red Hat Enterprise Linux 8

Rules, Groups, and Values defined within the XCCDF Benchmark

  • Minimize Modules for HTTP Basic Authentication

    The following modules are necessary if this web server will provide content that will be restricted by a password. <br><br> Authentication can be p...
    Group
    Show

  • Minimize Configuration Files Included

    The <code>Include</code> directive directs <code>httpd</code> to load supplementary configuration files from a provided path. The default configura...
    Group
    Show

  • Set httpd ServerTokens Directive to Prod

    <code>ServerTokens Prod</code> restricts information in page headers, returning only the word "Apache." <br><br> Add or correct the following direc...
    Rule Unknown Severity
    Show

  • Install the Samba Common Package

    The <code>samba-common</code> package should be installed. The <code>samba-common</code> package can be installed with the following command: <pre>...
    Rule Medium Severity
    Show

  • Minimize Various Optional Components

    The following modules perform very specific tasks, sometimes providing access to just a few additional directives. If such functionality is not req...
    Group
    Show

  • Use Appropriate Modules to Improve httpd's Security

    Among the modules available for <code>httpd</code> are several whose use may improve the security of the web server installation. This section reco...
    Group
    Show

  • Deploy mod_security

    The <code>security</code> module provides an application level firewall for <code>httpd</code>. Following its installation with the base ruleset, s...
    Group
    Show

  • Install mod_security

    Install the <code>security</code> module: The <code>mod_security</code> package can be installed with the following command: <pre> $ sudo yum insta...
    Rule Unknown Severity
    Show

  • Deploy mod_ssl

    Because HTTP is a plain text protocol, all traffic is susceptible to passive monitoring. If there is a need for confidentiality, SSL should be conf...
    Group
    Show

  • Enable Transport Layer Security (TLS) Encryption

    Disable old SSL and TLS version and enable the latest TLS encryption by setting the following in <code>/etc/httpd/conf.modules.d/ssl.conf</code>: <...
    Rule Medium Severity
    Show

Node 2

siemur/test-space

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules