Public web server resources must not be shared with private assets.
An XCCDF Rule
Description
It is important to segregate public web server resources from private resources located behind the DoD DMZ in order to protect private assets. When folders, drives or other resources are directly shared between the public web server and private servers the intent of data and resource segregation can be compromised.
| Property | Value |
|---|---|
| Responsibility | Web Administrator |
- ID
- SV-33044r2_rule
- Version
- WG040 W22
- Severity
- Medium
- Updated
Remediation Templates
A Manual Procedure
Configure the public web server to not have a trusted relationship with any system resource that is not accessible to the public. Web content is not to be shared via Microsoft shares or NFS mounts.