Oracle HTTP Server 12.1.3 Security Technical Implementation Guide
Rules, Groups, and Values defined within the XCCDF Benchmark
-
The OHS instance configuration must not reference directories that contain an .htaccess file.
<VulnDiscussion>.htaccess files are used to override settings in the OHS configuration files. The placement of the .htaccess file is also im...Rule Medium Severity -
SRG-APP-000516-WSR-000174
<GroupDescription></GroupDescription>Group -
OHS must have the HostnameLookups directive enabled.
<VulnDiscussion>Setting the "HostnameLookups" to "On" allows for more information to be logged in the event of an attack and subsequent inves...Rule Low Severity -
SRG-APP-000516-WSR-000174
<GroupDescription></GroupDescription>Group -
OHS must have the ServerAdmin directive set properly.
<VulnDiscussion>Making sure that information is given to the system administrator in a timely fashion is important. This information can be ...Rule Medium Severity -
SRG-APP-000516-WSR-000174
<GroupDescription></GroupDescription>Group -
OHS must restrict access methods.
<VulnDiscussion>The directive "<LimitExcept>" allows the system administrator to restrict what users may use which methods. An example...Rule Medium Severity -
SRG-APP-000516-WSR-000174
<GroupDescription></GroupDescription>Group -
The OHS htdocs directory must not contain any default files.
<VulnDiscussion>Default files from the OHS installation should not be part of the htdocs directory. These files are not always patched or su...Rule Medium Severity -
SRG-APP-000516-WSR-000174
<GroupDescription></GroupDescription>Group
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.
Capacity
Modules