1.1 Ensure the Pre-Installation Planning Checklist Has Been Implemented | |
1.2 Ensure the Server Is Not a Multi-Use System | SYSTEM AND COMMUNICATIONS PROTECTION |
1.3 Ensure Apache Is Installed From the Appropriate Binaries | CONFIGURATION MANAGEMENT |
2.1 Ensure Only Necessary Authentication and Authorization Modules Are Enabled - 'auth*' | CONFIGURATION MANAGEMENT |
2.1 Ensure Only Necessary Authentication and Authorization Modules Are Enabled - 'LDAP' | CONFIGURATION MANAGEMENT |
2.2 Ensure the Log Config Module Is Enabled | AUDIT AND ACCOUNTABILITY |
2.3 Ensure the WebDAV Modules Are Disabled | SYSTEM AND INFORMATION INTEGRITY |
2.4 Ensure the Status Module Is Disabled | SYSTEM AND INFORMATION INTEGRITY |
2.5 Ensure the Autoindex Module Is Disabled | CONFIGURATION MANAGEMENT |
2.6 Ensure the Proxy Modules Are Disabled | SYSTEM AND INFORMATION INTEGRITY |
2.7 Ensure the User Directories Module Is Disabled | CONFIGURATION MANAGEMENT |
2.8 Ensure the Info Module Is Disabled | SYSTEM AND INFORMATION INTEGRITY |
2.9 Ensure the Basic and Digest Authentication Modules are Disabled - auth_basic_module | SYSTEM AND INFORMATION INTEGRITY |
2.9 Ensure the Basic and Digest Authentication Modules are Disabled - auth_digest_module | SYSTEM AND INFORMATION INTEGRITY |
3.1 Ensure the Apache Web Server Runs As a Non-Root User - 'apache account is configured' | ACCESS CONTROL |
3.1 Ensure the Apache Web Server Runs As a Non-Root User - 'httpd services are running as apache user' | ACCESS CONTROL |
3.1 Ensure the Apache Web Server Runs As a Non-Root User - 'httpd.conf Group = apache' | ACCESS CONTROL |
3.1 Ensure the Apache Web Server Runs As a Non-Root User - 'httpd.conf User = apache' | ACCESS CONTROL |
3.2 Ensure the Apache User Account Has an Invalid Shell | ACCESS CONTROL |
3.3 Ensure the Apache User Account Is Locked | ACCESS CONTROL |
3.4 Ensure Apache Directories and Files Are Owned By Root | ACCESS CONTROL |
3.5 Ensure the Group Is Set Correctly on Apache Directories and Files | ACCESS CONTROL |
3.6 Ensure Other Write Access on Apache Directories and Files Is Restricted | ACCESS CONTROL |
3.7 Ensure the Core Dump Directory Is Secured | |
3.8 Ensure the Lock File Is Secured - 'LockFile directory' | ACCESS CONTROL |
3.8 Ensure the Lock File Is Secured - 'LockFile permissions' | ACCESS CONTROL |
3.9 Ensure the Pid File Is Secured | ACCESS CONTROL |
3.9 Secure the Pid File - 'PidFile directory' | ACCESS CONTROL |
3.10 Ensure the ScoreBoard File Is Secured | CONFIGURATION MANAGEMENT |
3.11 Ensure Group Write Access for the Apache Directories and Files Is Properly Restricted | ACCESS CONTROL |
3.12 Ensure Group Write Access for the Document Root Directories and Files Is Properly Restricted | ACCESS CONTROL |
3.13 Ensure Access to Special Purpose Application Writable Directories is Properly Restricted | ACCESS CONTROL |
4.1 Ensure Access to OS Root Directory Is Denied By Default - 'httpd.conf Deny = from all | ACCESS CONTROL |
4.1 Ensure Access to OS Root Directory Is Denied By Default - 'httpd.conf no Allow directives exist' | ACCESS CONTROL |
4.1 Ensure Access to OS Root Directory Is Denied By Default - 'httpd.conf no Deny directives exist' | ACCESS CONTROL |
4.1 Ensure Access to OS Root Directory Is Denied By Default - 'httpd.conf no Require directives exist' | ACCESS CONTROL |
4.1 Ensure Access to OS Root Directory Is Denied By Default - 'httpd.conf Order = Deny,Allow | ACCESS CONTROL |
4.1 Ensure Access to OS Root Directory Is Denied By Default - 'httpd.conf Require all denied | ACCESS CONTROL |
4.2 Ensure Appropriate Access to Web Content Is Allowed - 'httpd.conf Allow is configured' | ACCESS CONTROL |
4.2 Ensure Appropriate Access to Web Content Is Allowed - 'httpd.conf Deny is configured' | ACCESS CONTROL |
4.2 Ensure Appropriate Access to Web Content Is Allowed - 'httpd.conf Order Deny,Allow' | ACCESS CONTROL |
4.2 Ensure Appropriate Access to Web Content Is Allowed - 'No Order/Deny/Allow' | ACCESS CONTROL |
4.2 Ensure Appropriate Access to Web Content Is Allowed - 'Require is configured' | ACCESS CONTROL |
4.3 Ensure OverRide Is Disabled for the OS Root Directory | ACCESS CONTROL |
4.4 Ensure OverRide Is Disabled for All Directories | ACCESS CONTROL |
5.1 Ensure Options for the OS Root Directory Are Restricted | SYSTEM AND INFORMATION INTEGRITY |
5.2 Ensure Options for the Web Root Directory Are Restricted | CONFIGURATION MANAGEMENT |
5.3 Ensure Options for Other Directories Are Minimized | CONFIGURATION MANAGEMENT |
5.4 Ensure Default HTML Content Is Removed - 'httpd-manual is not installed' | CONFIGURATION MANAGEMENT |
5.4 Ensure Default HTML Content Is Removed - 'other handler does not exist' | CONFIGURATION MANAGEMENT |