Oracle HTTP Server 12.1.3 Security Technical Implementation Guide
Rules, Groups, and Values defined within the XCCDF Benchmark
-
The listen-address element defined within the config.xml of the OHS Standalone domain that supports OHS must be configured for secure communication.
<VulnDiscussion>Oracle Node Manager is the utility that is used to perform common operational tasks for OHS. When starting an OHS instance, ...Rule Medium Severity -
SRG-APP-000516-WSR-000174
<GroupDescription></GroupDescription>Group -
The listen-port element defined within the config.xml of the OHS Standalone Domain must be configured for secure communication.
<VulnDiscussion>Oracle Node Manager is the utility that is used to perform common operational tasks for OHS. When starting an OHS instance, ...Rule Medium Severity -
SRG-APP-000516-WSR-000174
<GroupDescription></GroupDescription>Group -
The WLST_PROPERTIES environment variable defined for the OHS WebLogic Scripting Tool must be updated to reference an appropriate trust store so that it can communicate with the Node Manager supporting OHS.
<VulnDiscussion>Oracle Node Manager is the utility that is used to perform common operational tasks for OHS. When starting an OHS instance, ...Rule Medium Severity -
SRG-APP-000516-WSR-000174
<GroupDescription></GroupDescription>Group -
OHS must have the SSLSessionCacheTimeout directive set properly.
<VulnDiscussion>During an SSL session, information about the session is stored in the global/inter-process SSL Session Cache, the OpenSSL int...Rule Medium Severity -
The WLST_PROPERTIES environment variable defined for the Fusion Middleware WebLogic Scripting Tool must be updated to reference an appropriate trust store so that it can communicate with the Node Manager supporting OHS.
<VulnDiscussion>Oracle Node Manager is the utility that is used to perform common operational tasks for OHS. When starting an OHS instance, ...Rule Medium Severity -
SRG-APP-000516-WSR-000174
<GroupDescription></GroupDescription>Group -
OHS must limit access to the Dynamic Monitoring Service (DMS).
<VulnDiscussion>The Oracle Dynamic Monitoring Service (DMS) enables application developers, support analysts, system administrators, and othe...Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.