Skip to content

The application pools rapid fail protection for each IIS 10.0 website must be enabled.

An XCCDF Rule

Description

<VulnDiscussion>Rapid fail protection is a feature that interrogates the health of worker processes associated with websites and web applications. It can be configured to perform a number of actions such as shutting down and restarting worker processes that have reached failure thresholds. By not setting rapid fail protection, the web server could become unstable in the event of a worker process crash potentially leaving the web server unusable.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>

ID
SV-218777r961863_rule
Severity
Medium
References
Updated



Remediation - Manual Procedure

Open the IIS 10.0 Manager.

Click "Application Pools".

Perform the following for each Application Pool: