APACHE 2.2 Server for UNIX Security Technical Implementation Guide
Rules, Groups, and Values defined within the XCCDF Benchmark
-
WG370
Group -
MIME types for csh or sh shell programs must be disabled.
Users must not be allowed to access the shell programs. Shell programs might execute shell escapes and could then perform unauthorized activities that could damage the security posture of the web s...Rule Medium Severity -
WG420
Group -
WG050
Group -
The web server password(s) must be entrusted to the SA or Web Manager.
Normally, a service account is established for the web server. This is because a privileged account is not desirable and the server is designed to run for long uninterrupted periods of time. The SA...Rule Medium Severity -
WG040
Group -
WG080
Group -
Installation of a compiler on production web server is prohibited.
The presence of a compiler on a production server facilitates the malicious user’s task of creating custom versions of programs and installing Trojan Horses or viruses. For example, the attacker’s ...Rule Medium Severity -
WA060
Group -
WA070
Group
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.
Capacity
Modules