Skip to content

III - Administrative Classified

Rules and Groups employed by this XCCDF Profile

  • SRG-APP-000516-WSR-000174

    <GroupDescription></GroupDescription>
    Group
  • OHS must restrict access methods.

    &lt;VulnDiscussion&gt;The directive "&lt;LimitExcept&gt;" allows the system administrator to restrict what users may use which methods. An example...
    Rule Medium Severity
  • SRG-APP-000516-WSR-000174

    <GroupDescription></GroupDescription>
    Group
  • The OHS htdocs directory must not contain any default files.

    &lt;VulnDiscussion&gt;Default files from the OHS installation should not be part of the htdocs directory. These files are not always patched or su...
    Rule Medium Severity
  • SRG-APP-000516-WSR-000174

    <GroupDescription></GroupDescription>
    Group
  • OHS must have the SSLSessionCacheTimeout directive set properly.

    &lt;VulnDiscussion&gt;During an SSL session, information about the session is stored in the global/inter-process SSL Session Cache, the OpenSSL int...
    Rule Medium Severity
  • SRG-APP-000516-WSR-000174

    <GroupDescription></GroupDescription>
    Group
  • OHS must have the RewriteEngine directive enabled.

    &lt;VulnDiscussion&gt;The rewrite engine is used to evaluate URL requests and modify the requests on the fly. Enabling this engine gives the syste...
    Rule Low Severity
  • SRG-APP-000516-WSR-000174

    <GroupDescription></GroupDescription>
    Group
  • OHS must have the RewriteOptions directive set properly.

    &lt;VulnDiscussion&gt;The rules for the rewrite engine can be configured to inherit those from the parent and build upon that set of rules, to copy...
    Rule Low Severity

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules