Skip to content

Oracle HTTP Server 12.1.3 Security Technical Implementation Guide

Rules, Groups, and Values defined within the XCCDF Benchmark

  • OHS must have the LoadModule authn_file_module directive disabled.

    <VulnDiscussion>A web server can provide many features, services, and processes. Some of these may be deemed unnecessary or too unsecure to r...
    Rule Medium Severity
  • SRG-APP-000141-WSR-000075

    <GroupDescription></GroupDescription>
    Group
  • OHS must have the LoadModule authn_anon_module directive disabled.

    &lt;VulnDiscussion&gt;A web server can provide many features, services, and processes. Some of these may be deemed unnecessary or too unsecure to r...
    Rule Medium Severity
  • SRG-APP-000141-WSR-000075

    <GroupDescription></GroupDescription>
    Group
  • OHS must have the LoadModule proxy_module directive disabled.

    &lt;VulnDiscussion&gt;A web server can provide many features, services, and processes. Some of these may be deemed unnecessary or too unsecure to r...
    Rule Medium Severity
  • SRG-APP-000141-WSR-000075

    <GroupDescription></GroupDescription>
    Group
  • OHS must have the LoadModule proxy_http_module directive disabled.

    &lt;VulnDiscussion&gt;A web server can provide many features, services, and processes. Some of these may be deemed unnecessary or too unsecure to r...
    Rule Medium Severity
  • SRG-APP-000141-WSR-000075

    <GroupDescription></GroupDescription>
    Group
  • OHS must have the LoadModule proxy_ftp_module directive disabled.

    &lt;VulnDiscussion&gt;A web server can provide many features, services, and processes. Some of these may be deemed unnecessary or too unsecure to r...
    Rule Medium Severity
  • OHS must have the LoadModule proxy_connect_module directive disabled.

    &lt;VulnDiscussion&gt;A web server can provide many features, services, and processes. Some of these may be deemed unnecessary or too unsecure to r...
    Rule Medium Severity
  • SRG-APP-000141-WSR-000075

    <GroupDescription></GroupDescription>
    Group
  • OHS must have the LoadModule proxy_balancer_module directive disabled.

    &lt;VulnDiscussion&gt;A web server can provide many features, services, and processes. Some of these may be deemed unnecessary or too unsecure to r...
    Rule Medium Severity
  • SRG-APP-000141-WSR-000075

    <GroupDescription></GroupDescription>
    Group
  • OHS must have the LoadModule cern_meta_module directive disabled.

    &lt;VulnDiscussion&gt;A web server can provide many features, services, and processes. Some of these may be deemed unnecessary or too unsecure to r...
    Rule Low Severity
  • SRG-APP-000141-WSR-000075

    <GroupDescription></GroupDescription>
    Group
  • OHS must have the LoadModule expires_module directive disabled.

    &lt;VulnDiscussion&gt;A web server can provide many features, services, and processes. Some of these may be deemed unnecessary or too unsecure to r...
    Rule Low Severity
  • SRG-APP-000141-WSR-000075

    <GroupDescription></GroupDescription>
    Group
  • OHS must have the LoadModule usertrack_module directive disabled.

    &lt;VulnDiscussion&gt;A web server can provide many features, services, and processes. Some of these may be deemed unnecessary or too unsecure to r...
    Rule Low Severity
  • SRG-APP-000141-WSR-000075

    <GroupDescription></GroupDescription>
    Group
  • OHS must have the LoadModule uniqueid_module directive disabled.

    &lt;VulnDiscussion&gt;A web server can provide many features, services, and processes. Some of these may be deemed unnecessary or too unsecure to r...
    Rule Low Severity

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules