Skip to content

Guide to the Secure Configuration of Red Hat Enterprise Linux 8

Rules, Groups, and Values defined within the XCCDF Benchmark

  • Disable MIME Magic

    The <code>mime_magic</code> module provides a second layer of MIME support that in most configurations is likely extraneous. If its functionality i...
    Rule Unknown Severity
  • Disable HTTP mod_rewrite

    The <code>mod_rewrite</code> module is very powerful and can protect against certain classes of web attacks. However, it is also very complex and h...
    Rule Unknown Severity
  • Disable Proxy Support

    The <code>proxy</code> module provides proxying support, allowing <code>httpd</code> to forward requests and serve as a gateway for other servers. ...
    Rule Unknown Severity
  • Disable Server Activity Status

    The <code>status</code> module provides real-time access to statistics on the internal operation of the web server. This may constitute an unnecess...
    Rule Unknown Severity
  • Disable Web Server Configuration Display

    The <code>info</code> module creates a web page illustrating the configuration of the web server. This can create an unnecessary security leak and ...
    Rule Unknown Severity
  • Disable Server Side Includes

    Server Side Includes provide a method of dynamically generating web pages through the insertion of server-side code. However, the technology is als...
    Rule Unknown Severity
  • Disable URL Correction on Misspelled Entries

    The <code>speling</code> module attempts to find a document match by allowing one misspelling in an otherwise failed request. If this functionality...
    Rule Unknown Severity
  • Disable WebDAV (Distributed Authoring and Versioning)

    WebDAV is an extension of the HTTP protocol that provides distributed and collaborative access to web content. If its functionality is unnecessary,...
    Rule Unknown Severity
  • Minimize Modules for HTTP Basic Authentication

    The following modules are necessary if this web server will provide content that will be restricted by a password. <br><br> Authentication can be p...
    Group
  • Minimize Configuration Files Included

    The <code>Include</code> directive directs <code>httpd</code> to load supplementary configuration files from a provided path. The default configura...
    Group

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules