CIS Apache HTTP Server 2.2 L2 v3.6.0

Audit Details

Name: CIS Apache HTTP Server 2.2 L2 v3.6.0

Updated: 6/17/2024

Authority: CIS

Plugin: Unix

Revision: 1.14

Estimated Item Count: 135

File Details

Filename: CIS_Apache_HTTP_Server_2.2_Benchmark_v3.6.0_Level_2.audit

Size: 470 kB

MD5: d6801fd16ccd1cff4b86f156c26b7ee2
SHA256: b0e1111e5ee9f80c198f1d743e573d5d5dee553a64a3c06aa36b1844ebeb6e9d

Audit Changelog

 
Revision 1.14

Jun 17, 2024

Miscellaneous
  • Metadata updated.
Revision 1.13

Nov 1, 2023

Miscellaneous
  • Metadata updated.
  • Platform check updated.
Revision 1.12

Apr 12, 2023

Miscellaneous
  • Metadata updated.
  • Platform check updated.
  • Variables updated.
Revision 1.11

Mar 7, 2023

Miscellaneous
  • Metadata updated.
  • References updated.
Revision 1.10

Jan 4, 2023

Miscellaneous
  • Metadata updated.
Revision 1.9

Dec 7, 2022

Functional Update
  • 12.1 Ensure the AppArmor Framework Is Enabled
  • 12.2 Ensure the Apache AppArmor Profile Is Configured Properly
  • 12.3 Ensure the Apache AppArmor Profile Is in Enforce Mode
  • 4.2 Ensure Appropriate Access to Web Content Is Allowed - 'No Order/Deny/Allow'
  • 4.2 Ensure Appropriate Access to Web Content Is Allowed - 'Require is configured'
  • 4.2 Ensure Appropriate Access to Web Content Is Allowed - 'httpd.conf Allow is configured'
  • 4.2 Ensure Appropriate Access to Web Content Is Allowed - 'httpd.conf Deny is configured'
  • 4.2 Ensure Appropriate Access to Web Content Is Allowed - 'httpd.conf Order Deny,Allow'
  • 5.2 Ensure Options for the Web Root Directory Are Restricted
  • 5.7 Ensure HTTP Request Methods Are Restricted - 'No Deny/Allow'
  • 5.7 Ensure HTTP Request Methods Are Restricted - 'Require all denied'
  • 5.7 Ensure HTTP Request Methods Are Restricted - 'httpd.conf Document Root LimitExcept = GET,POST or OPTIONS only'
  • 5.7 Ensure HTTP Request Methods Are Restricted - 'httpd.conf Document Root Order = Deny,Allow'
Miscellaneous
  • Variables updated.
Revision 1.8

Apr 25, 2022

Miscellaneous
  • Metadata updated.
Revision 1.7

Mar 29, 2022

Miscellaneous
  • Metadata updated.
  • References updated.
Revision 1.6

Jun 17, 2021

Miscellaneous
  • Metadata updated.
  • References updated.
Revision 1.5

Oct 5, 2020

Functional Update
  • 12.1 Ensure the AppArmor Framework Is Enabled
  • 12.2 Ensure the Apache AppArmor Profile Is Configured Properly
  • 12.3 Ensure the Apache AppArmor Profile Is in Enforce Mode
  • 6.7 Ensure the OWASP ModSecurity Core Rule Set Is Installed and Enabled - Active Rules
  • 6.7 Ensure the OWASP ModSecurity Core Rule Set Is Installed and Enabled - Inbound Anomaly Threshold
  • 6.7 Ensure the OWASP ModSecurity Core Rule Set Is Installed and Enabled - Outbound Anomaly Threshold
  • 6.7 Ensure the OWASP ModSecurity Core Rule Set Is Installed and Enabled - Paranoia Level