APACHE 2.2 Site for Windows Security Technical Implementation Guide
Rules, Groups, and Values defined within the XCCDF Benchmark
-
WG400
Group -
All interactive programs must be placed in a designated directory with appropriate permissions.
CGI scripts represents one of the most common and exploitable means of compromising a web server. By definition, CGI are executable by the operating system of the host server. While access control ...Rule Medium Severity -
WG410
Group -
WG110
Group -
WG170
Group -
WG230
Group -
Web server administration must be performed over a secure path or at the local console.
Logging into a web server remotely using an unencrypted protocol or service when performing updates and maintenance is a major risk. Data, such as user account, is transmitted in plaintext and can...Rule High Severity -
WG240
Group -
WG250
Group -
Log file access must be restricted to System Administrators, Web Administrators or Auditors.
A major tool in exploring the web site use, attempted use, unusual conditions and problems are the access and error logs. In the event of a security incident, these logs can provide the SA and Web ...Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.
Capacity
Modules