Apache Tomcat Application Server 9 Security Technical Implementation Guide
Rules, Groups, and Values defined within the XCCDF Benchmark
-
SRG-APP-000141-AS-000095
Group -
DefaultServlet directory listings parameter must be disabled.
The DefaultServlet serves static resources as well as directory listings. It is declared globally in $CATALINA_BASE/conf/web.xml and by default is configured with the directory "listings" parameter...Rule Low Severity -
SRG-APP-000141-AS-000095
Group -
SRG-APP-000141-AS-000095
Group -
Autodeploy must be disabled.
Tomcat allows auto-deployment of applications while Tomcat is running. This can allow untested or malicious applications to be automatically loaded into production. Autodeploy must be disabled in p...Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.
Capacity
Modules