III - Administrative Public
Rules and Groups employed by this XCCDF Profile
-
SRG-APP-000516-WSR-000174
Group -
OHS administration must be performed over a secure path or at the local console.
Logging into a web server remotely using an unencrypted protocol or service when performing updates and maintenance is a major risk. Data, such as user account, is transmitted in plaintext and can...Rule High Severity -
SRG-APP-000516-WSR-000174
Group -
OHS must not contain any robots.txt files.
Search engines are constantly at work on the Internet. Search engines are augmented by agents, often referred to as spiders or bots, which endeavor to capture and catalog web-site content. In tur...Rule Medium Severity -
SRG-APP-000516-WSR-000174
Group -
OHS must prohibit anonymous FTP user access to interactive scripts.
The directories containing the CGI scripts, such as PERL, must not be accessible to anonymous users via FTP. This applies to all directories that contain scripts that can dynamically produce web pa...Rule Medium Severity -
SRG-APP-000516-WSR-000174
Group -
The OHS DocumentRoot directory must be in a separate partition from the OHS ServerRoot directory.
Application partitioning enables an additional security measure by securing user traffic under one security context, while managing system and application files under another. Web content is access...Rule Medium Severity -
SRG-APP-000516-WSR-000174
Group -
The OHS DocumentRoot directory must be on a separate partition from OS root partition.
Application partitioning enables an additional security measure by securing user traffic under one security context, while managing system and application files under another. Web content is access...Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.