III - Administrative Sensitive
Rules and Groups employed by this XCCDF Profile
-
The Apache web server must use cryptography to protect the integrity of remote sessions.
Data exchanged between the user and the Apache web server can range from static display data to credentials used to log on to the hosted application. Even when data appears to be static, the non-di...Rule Medium Severity -
SRG-APP-000516-WSR-000174
Group -
The Apache web server must have system logging enabled.
The server error logs are invaluable because they can also be used to identify potential problems and enable proactive remediation. Log data can reveal anomalous behavior such as “not found” or “un...Rule Medium Severity -
SRG-APP-000089-WSR-000047
Group -
The Apache web server must generate, at a minimum, log records for system startup and shutdown, system access, and system authentication events.
Log records can be generated from various components within the Apache web server (e.g., httpd, plug-ins to external backends, etc.). From a web server perspective, certain specific Apache web serv...Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.
Capacity
Modules