Apache Server 2.4 UNIX Server Security Technical Implementation Guide
Rules, Groups, and Values defined within the XCCDF Benchmark
-
SRG-APP-000089-WSR-000047
<GroupDescription></GroupDescription>Group -
SRG-APP-000001-WSR-000002
<GroupDescription></GroupDescription>Group -
The Apache web server must perform server-side session management.
<VulnDiscussion>Session management is the practice of protecting the bulk of the user authorization and identity information. This data can b...Rule Medium Severity -
SRG-APP-000014-WSR-000006
<GroupDescription></GroupDescription>Group -
The Apache web server must use cryptography to protect the integrity of remote sessions.
<VulnDiscussion>Data exchanged between the user and the Apache web server can range from static display data to credentials used to log on to...Rule Medium Severity -
SRG-APP-000516-WSR-000174
<GroupDescription></GroupDescription>Group -
The Apache web server must have system logging enabled.
<VulnDiscussion>The server error logs are invaluable because they can also be used to identify potential problems and enable proactive remedi...Rule Medium Severity -
The Apache web server must not be a proxy server.
<VulnDiscussion>A web server should be primarily a web server or a proxy server but not both, for the same reasons that other multi-use serve...Rule Medium Severity -
SRG-APP-000141-WSR-000077
<GroupDescription></GroupDescription>Group -
The Apache web server must generate, at a minimum, log records for system startup and shutdown, system access, and system authentication events.
<VulnDiscussion>Log records can be generated from various components within the Apache web server (e.g., httpd, plug-ins to external backends...Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.