II - Mission Support Public
Rules and Groups employed by this XCCDF Profile
-
SRG-APP-000141-WSR-000075
<GroupDescription></GroupDescription>Group -
OHS must have the IfModule dumpio_module directive disabled.
<VulnDiscussion>A web server can provide many features, services, and processes. Some of these may be deemed unnecessary or too unsecure to r...Rule Low Severity -
SRG-APP-000141-WSR-000075
<GroupDescription></GroupDescription>Group -
OHS must have the Alias /icons/ directive disabled.
<VulnDiscussion>A web server can provide many features, services, and processes. Some of these may be deemed unnecessary or too unsecure to r...Rule Medium Severity -
SRG-APP-000141-WSR-000075
<GroupDescription></GroupDescription>Group -
OHS must have the path to the icons directory disabled.
<VulnDiscussion>A web server can provide many features, services, and processes. Some of these may be deemed unnecessary or too unsecure to r...Rule Medium Severity -
SRG-APP-000141-WSR-000075
<GroupDescription></GroupDescription>Group -
OHS must have the IfModule mpm_winnt_module directive disabled.
<VulnDiscussion>A web server can provide many features, services, and processes. Some of these may be deemed unnecessary or too unsecure to r...Rule Low Severity -
SRG-APP-000141-WSR-000076
<GroupDescription></GroupDescription>Group -
OHS must have the LoadModule proxy_module directive disabled.
<VulnDiscussion>A web server should be primarily a web server or a proxy server but not both, for the same reasons that other multi-use serve...Rule Medium Severity -
SRG-APP-000141-WSR-000076
<GroupDescription></GroupDescription>Group -
OHS must have the LoadModule proxy_http_module directive disabled.
<VulnDiscussion>A web server should be primarily a web server or a proxy server but not both, for the same reasons that other multi-use serve...Rule Medium Severity -
SRG-APP-000141-WSR-000076
<GroupDescription></GroupDescription>Group -
OHS must have the LoadModule proxy_ftp_module directive disabled.
<VulnDiscussion>A web server should be primarily a web server or a proxy server but not both, for the same reasons that other multi-use serve...Rule Medium Severity -
SRG-APP-000141-WSR-000076
<GroupDescription></GroupDescription>Group -
OHS must have the LoadModule proxy_connect_module directive disabled.
<VulnDiscussion>A web server should be primarily a web server or a proxy server but not both, for the same reasons that other multi-use serve...Rule Medium Severity -
SRG-APP-000141-WSR-000076
<GroupDescription></GroupDescription>Group -
OHS must have the LoadModule proxy_balancer_module directive disabled.
<VulnDiscussion>A web server should be primarily a web server or a proxy server but not both, for the same reasons that other multi-use serve...Rule Medium Severity -
SRG-APP-000141-WSR-000077
<GroupDescription></GroupDescription>Group -
OHS must disable the directive pointing to the directory containing the OHS manuals.
<VulnDiscussion>Web server documentation, sample code, example applications, and tutorials may be an exploitable threat to a web server becau...Rule Low Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.