Guide to the Secure Configuration of Red Hat Enterprise Linux 7
Rules, Groups, and Values defined within the XCCDF Benchmark
-
Disable HTTP Digest Authentication
The <code>auth_digest</code> module provides encrypted authentication sessions. If this functionality is unnecessary, comment out the related modul...Rule Unknown Severity -
Enable log_config_module For HTTPD Logging
The <code>log_config_module</code> should exist and be configured in the <code>/etc/httpd/conf/httpd.conf</code> file by adding the following modul...Rule Medium Severity -
Disable LDAP Support
The <code>ldap</code> module provides HTTP authentication via an LDAP directory. If its functionality is unnecessary, comment out the related modul...Rule Unknown Severity -
Disable MIME Magic
The <code>mime_magic</code> module provides a second layer of MIME support that in most configurations is likely extraneous. If its functionality i...Rule Unknown Severity -
Configure All Systems which Use NFS
The steps in this section are appropriate for all systems which run NFS, whether they operate as clients or as servers.Group -
Disable HTTP mod_rewrite
The <code>mod_rewrite</code> module is very powerful and can protect against certain classes of web attacks. However, it is also very complex and h...Rule Unknown Severity -
Disable Proxy Support
The <code>proxy</code> module provides proxying support, allowing <code>httpd</code> to forward requests and serve as a gateway for other servers. ...Rule Unknown Severity -
Disable Server Activity Status
The <code>status</code> module provides real-time access to statistics on the internal operation of the web server. This may constitute an unnecess...Rule Unknown Severity -
Disable Web Server Configuration Display
The <code>info</code> module creates a web page illustrating the configuration of the web server. This can create an unnecessary security leak and ...Rule Unknown Severity -
Disable Server Side Includes
Server Side Includes provide a method of dynamically generating web pages through the insertion of server-side code. However, the technology is als...Rule Unknown Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.
Capacity
Modules