Skip to content
Log In

II - Mission Support Sensitive

Rules and Groups employed by this XCCDF Profile

  • SRG-APP-000516-WSR-000174

    Group
    Show

  • Remote authors or content providers must have all files scanned for viruses and malicious code before uploading files to the Document Root directory.

    Remote web authors should not be able to upload files to the DocumentRoot directory structure without virus checking and checking for malicious or mobile code. A remote web user whose agency has a ...
    Rule Medium Severity
    Show

  • SRG-APP-000516-WSR-000174

    Group
    Show

  • A public OHS server must use TLS if authentication is required to host web sites.

    Transport Layer Security (TLS) is optional for a public web server. However, if authentication is being performed, then the use of the TLS protocol is required. Without the use of TLS, the authen...
    Rule Medium Severity
    Show

  • SRG-APP-000516-WSR-000174

    Group
    Show

  • OHS hosted web sites must utilize ports, protocols, and services according to PPSM guidelines.

    Failure to comply with DoD ports, protocols, and services (PPS) requirements can result in compromise of enclave boundary protections and/or functionality of the automated information system (AIS)....
    Rule Low Severity
    Show

  • SRG-APP-000516-WSR-000174

    Group
    Show

  • OHS must not have the directive PlsqlDatabasePassword set in clear text.

    OHS supports the use of the module mod_plsql, which allows applications to be hosted that are PL/SQL-based. To access the database, the module must have a valid username, password and database nam...
    Rule High Severity
    Show

  • SRG-APP-000141-WSR-000075

    Group
    Show

  • If WebLogic is not in use with OHS, OHS must have the include mod_wl_ohs.conf directive disabled at the server level.

    A web server can provide many features, services, and processes. Some of these may be deemed unnecessary or too unsecure to run on a production DoD system. The web server must provide the capabil...
    Rule Medium Severity
    Show

Node 2

siemur/test-space

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules