Skip to content

Apache Server 2.4 Windows Site Security Technical Implementation Guide

Rules, Groups, and Values defined within the XCCDF Benchmark

  • SRG-APP-000295-WSR-000134

    <GroupDescription></GroupDescription>
    Group
  • The Apache web server must be tuned to handle the operational requirements of the hosted application.

    &lt;VulnDiscussion&gt;A denial of service (DoS) can occur when the web server is so overwhelmed that it can no longer respond to additional request...
    Rule Medium Severity
  • SRG-APP-000439-WSR-000153

    <GroupDescription></GroupDescription>
    Group
  • The Apache web server must set an inactive timeout for completing the TLS handshake.

    &lt;VulnDiscussion&gt;Leaving sessions open indefinitely is a major security risk. An attacker can easily use an already authenticated session to a...
    Rule Medium Severity
  • SRG-APP-000315-WSR-000004

    <GroupDescription></GroupDescription>
    Group

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules