Disable HTTP mod_rewrite
An XCCDF Rule
Description
The mod_rewrite
module is very powerful and can protect against
certain classes of web attacks. However, it is also very complex and has a
significant history of vulnerabilities itself. If its functionality is
unnecessary, comment out the related module:
#LoadModule rewrite_module modules/mod_rewrite.so
Rationale
Minimizing the number of loadable modules available to the web server reduces risk by limiting the capabilities allowed by the web server.
- ID
- xccdf_org.ssgproject.content_rule_httpd_mod_rewrite
- Severity
- Unknown
- References
- Updated