Skip to content

Web Server Security Requirements Guide

Rules, Groups, and Values defined within the XCCDF Benchmark

  • The web server must protect system resources and privileged operations from hosted applications.

    <VulnDiscussion>A web server may host one too many applications. Each application will need certain system resources and privileged operatio...
    Rule Medium Severity
  • SRG-APP-000141

    <GroupDescription></GroupDescription>
    Group
  • Users and scripts running on behalf of users must be contained to the document root or home directory tree of the web server.

    &lt;VulnDiscussion&gt;A web server is designed to deliver content and execute scripts or applications on the request of a client or user. Containi...
    Rule Medium Severity
  • SRG-APP-000142

    <GroupDescription></GroupDescription>
    Group
  • The web server must be configured to use a specified IP address and port.

    &lt;VulnDiscussion&gt;The web server must be configured to listen on a specified IP address and port. Without specifying an IP address and port fo...
    Rule Medium Severity

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules