Skip to content
ATO Pathways
Log In
Overview
Search
Catalogs
SCAP
OSCAL
Catalogs
Profiles
Documents
References
Knowledge Base
Platform Documentation
Compliance Dictionary
Platform Changelog
About
Catalogs
XCCDF
Guide to the Secure Configuration of Debian 10
Services
Web Server
Secure Apache Configuration
Use Appropriate Modules to Improve httpd's Security
Deploy mod_security
Deploy mod_security
An XCCDF Group - A logical subset of the XCCDF Benchmark
Details
Profiles
Prose
Deploy mod_security
The
security
module provides an application level firewall for
httpd
. Following its installation with the base ruleset, specific configuration advice can be found at
http://www.modsecurity.org/
to design a policy that best matches the security needs of the web applications. Usage of
mod_security
is highly recommended for some environments, but it should be noted this module does not ship with Red Hat Enterprise Linux itself, and instead is provided via Extra Packages for Enterprise Linux (EPEL). For more information on EPEL please refer to
http://fedoraproject.org/wiki/EPEL
.