Disable HTTP mod_rewrite

An XCCDF Rule

Details
Profiles
Prose

Description

The mod_rewrite module is very powerful and can protect against certain classes of web attacks. However, it is also very complex and has a significant history of vulnerabilities itself. If its functionality is unnecessary, comment out the related module:

#LoadModule rewrite_module modules/mod_rewrite.so

Rationale

Minimizing the number of loadable modules available to the web server reduces risk by limiting the capabilities allowed by the web server.

ID: xccdf_org.ssgproject.content_rule_httpd_mod_rewrite
Severity: Unknown
Updated: about 1 year ago