Skip to content
ATO Pathways
Log In
Overview
Search
Catalogs
SCAP
OSCAL
Catalogs
Profiles
Documents
References
Knowledge Base
Platform Documentation
Compliance Dictionary
Platform Changelog
About
Catalogs
XCCDF
Oracle HTTP Server 12.1.3 Security Technical Implementation Guide
SRG-APP-000516-WSR-000174
SRG-APP-000516-WSR-000174
An XCCDF Group - A logical subset of the XCCDF Benchmark
Details
Profiles
Prose
SRG-APP-000516-WSR-000174
1 Rule
<GroupDescription></GroupDescription>
OHS must have the RewriteOptions directive set properly.
Low Severity
<VulnDiscussion>The rules for the rewrite engine can be configured to inherit those from the parent and build upon that set of rules, to copy the rules from the parent if there are none defined or to only process the rules if the input is a URL. Of these, the most secure is to inherit from the parent because of how this implemented. The rules for the current configuration, process or directory, are loaded and then the parent are overlaid. This means that the parent rule will always override the child rule. This gives the server a more consistent security configuration.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>