Skip to content
ATO Pathways
Log In
Overview
Search
Catalogs
SCAP
OSCAL
Catalogs
Profiles
Resources
Documents
Publishers
References
Knowledge Base
Platform Documentation
Compliance Dictionary
Platform Changelog
About
Catalogs
XCCDF
Guide to the Secure Configuration of openEuler 2203
Services
Web Server
Web Server
An XCCDF Group - A logical subset of the XCCDF Benchmark
Details
Profiles
Prose
Web Server
1 Rule
The web server is responsible for providing access to content via the HTTP protocol. Web servers represent a significant security risk because:
The HTTP port is commonly probed by malicious sources
Web server software is very complex, and includes a long history of vulnerabilities
The HTTP protocol is unencrypted and vulnerable to passive monitoring
The system's default web server software is Apache 2 and is provided in the RPM package
httpd
.
Disable Apache if Possible
1 Rule
If Apache was installed and activated, but the system does not need to act as a web server, then it should be disabled and removed from the system.
Uninstall httpd Package
Unknown Severity
The
httpd
package can be removed with the following command:
$ sudo dnf erase httpd