Skip to content
ATO Pathways
Log In
Overview
Search
Catalogs
SCAP
OSCAL
Catalogs
Profiles
Documents
References
Knowledge Base
Platform Documentation
Compliance Dictionary
Platform Changelog
About
Catalogs
XCCDF
Guide to the Secure Configuration of Red Hat Enterprise Linux 8
Services
Web Server
Secure Apache Configuration
Directory Restrictions
Restrict Other Critical Directories
Restrict Other Critical Directories
An XCCDF Rule
Details
Profiles
Prose
Restrict Other Critical Directories
Unknown Severity
All accessible web directories should be configured with similarly restrictive settings. The
Options
directive should be limited to necessary functionality and the
AllowOverride
directive should be used only if needed. The
Order
and
Deny
access control tags should be used to deny access by default, allowing access only where necessary.