APACHE 2.2 Site for Windows Security Technical Implementation Guide
Rules, Groups, and Values defined within the XCCDF Benchmark
-
Logs of web server access and errors must be established and maintained.
A major tool in exploring the web site use, attempted use, unusual conditions, and problems are reported in the access and error logs. In the event of a security incident, these logs can provide th...Rule Medium Severity -
Only web sites that have been fully reviewed and tested must exist on a production web server.
In the case of a production web server, areas for content development and testing will not exist, as this type of content is only permissible on a development web site. The process of developing on...Rule Medium Severity -
A web site must not contain a robots.txt file.
Search engines are constantly at work on the Internet. Search engines are augmented by agents, often referred to as spiders or bots, which endeavor to capture and catalog web-site content. In tur...Rule Medium Severity -
Java software on production web servers must be limited to class files and the JAVA virtual machine.
From the source code in a .java or a .jpp file, the Java compiler produces a binary file with an extension of .class. The .java or .jpp file would, therefore, reveal sensitive information regarding...Rule Low Severity -
PERL scripts must use the TAINT option.
PERL (Practical Extraction and Report Language) is an interpreted language optimized for scanning arbitrary text files, extracting information from those text files, and printing reports based on t...Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.
Capacity
Modules