HTTPD Log Files Must Be Owned By Root
An XCCDF Rule
Description
All httpd logs must be owned by root user and group. By default,
the path for httpd logs is /var/log/httpd/
To properly set the owner of /var/log/httpd, run the command:
$ sudo chown root /var/log/httpdTo properly set the owner of
/var/log/httpd/*, run the command:
$ sudo chown root /var/log/httpd/*
Rationale
A major tool in exploring the web site use, attempted use, unusual conditions, and problems are the access and error logs. In the event of a security incident, these logs can provide the SA and the web administrator with valuable information. Because of the information that is captured in the logs, it is critical that only authorized individuals have access to the logs.
- ID
- xccdf_org.ssgproject.content_rule_http_configure_log_file_ownership
- Severity
- Medium
- References
- Updated