Oracle HTTP Server 12.1.3 Security Technical Implementation Guide
Rules, Groups, and Values defined within the XCCDF Benchmark
-
OHS must have the RewriteEngine directive enabled.
<VulnDiscussion>The rewrite engine is used to evaluate URL requests and modify the requests on the fly. Enabling this engine gives the syste...Rule Low Severity -
SRG-APP-000516-WSR-000174
<GroupDescription></GroupDescription>Group -
OHS must have the RewriteOptions directive set properly.
<VulnDiscussion>The rules for the rewrite engine can be configured to inherit those from the parent and build upon that set of rules, to copy...Rule Low Severity -
SRG-APP-000516-WSR-000174
<GroupDescription></GroupDescription>Group -
OHS must have the RewriteLogLevel directive set to the proper log level.
<VulnDiscussion>Logging must not contain sensitive information or more information necessary than that needed to administer the system. The ...Rule Low Severity -
SRG-APP-000516-WSR-000174
<GroupDescription></GroupDescription>Group -
OHS must have the RewriteLog directive set properly.
<VulnDiscussion>Specifying where the log files are written gives the system administrator the capability to store the files in a location oth...Rule Low Severity -
SRG-APP-000516-WSR-000174
<GroupDescription></GroupDescription>Group -
All accounts installed with the web server software and tools must have passwords assigned and default passwords changed.
<VulnDiscussion>During installation of the web server software, accounts are created for the web server to operate properly. The accounts ins...Rule Medium Severity -
SRG-APP-000516-WSR-000174
<GroupDescription></GroupDescription>Group
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.