The IIS 10.0 web server must be tuned to handle the operational requirements of the hosted application.

An XCCDF Rule

Description

A Denial of Service (DoS) can occur when the web server is overwhelmed and can no longer respond to additional requests. A web server not properly tuned may become overwhelmed and cause a DoS condition even with expected traffic from users. To avoid a DoS, the web server must be tuned to handle the expected traffic for the hosted applications.

ID
SV-218819r879806_rule
Severity
Medium
Remediation - Manual Procedure

Access the IIS 10.0 web server registry.

Verify the following keys are present and configured. The required values depend on the requirements of the application. The settings must be explicitly configured to show that conscientious tuning has been performed.

Navigate to HKLM\SYSTEM\CurrentControlSet\Services\HTTP\Parameters\
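
The check described above can be scripted. The following PowerShell is an added example, not part of the STIG text: it reads the Parameters key named in the procedure and reports which required values are explicitly present, with their type and data. The value names are placeholders because this page does not list them; the function name `Test-ExplicitRegistryValue` is hypothetical.

```powershell
# Added example: read-only audit of the HTTP Parameters key from the procedure.
param(
    # PLACEHOLDERS: replace with the value names listed in your copy of the rule.
    [string[]]$RequiredValues = @('<ValueName1>', '<ValueName2>')
)

$KeyPath = 'HKLM:\SYSTEM\CurrentControlSet\Services\HTTP\Parameters'

function Test-ExplicitRegistryValue {
    param(
        [Parameter(Mandatory)][string]$Path,
        [Parameter(Mandatory)][string[]]$Names
    )

    # If the key itself is absent, nothing under it is explicitly configured.
    $key = $null
    if (Test-Path -LiteralPath $Path) {
        $key = Get-Item -LiteralPath $Path
    }
    $existing = if ($key) { $key.GetValueNames() } else { @() }

    foreach ($name in $Names) {
        # -contains is case-insensitive, matching registry value-name semantics.
        $present = $existing -contains $name
        [pscustomobject]@{
            Name    = $name
            Present = $present
            Kind    = if ($present) { $key.GetValueKind($name) } else { $null }
            Data    = if ($present) { $key.GetValue($name) } else { $null }
        }
    }
}

$results = @(Test-ExplicitRegistryValue -Path $KeyPath -Names $RequiredValues)
$results | Format-Table -AutoSize

# A value that is absent has not been explicitly configured, which is what
# the rule asks the reviewer to confirm.
$missing = @($results | Where-Object { -not $_.Present })
if ($missing.Count -gt 0) {
    Write-Warning ('Not explicitly configured: ' + ($missing.Name -join ', '))
    exit 1
}
Write-Output 'All required values are explicitly configured.'
```

Presence alone does not make a value appropriate; compare the reported data against the documented requirements of the hosted application.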