Revision 1.9Mar 6, 2024
Functional Update
- 10.19 Setting Security Lifecycle Listener (check for umask present in startup)
- 10.19 Setting Security Lifecycle Listener (check for umask uncommented in startup)
- 10.20 Use the logEffectiveWebXml and metadata-complete settings for deploying applications in production - context.xml
- 10.20 Use the logEffectiveWebXml and metadata-complete settings for deploying applications in production - web.xml
- 10.6 Enable strict servlet Compliance
- 10.7 Turn off session facade recycling
- 7.2 Specify file handler in logging.properties (check if java.util.logging.ConsoleHandler exists in web application)
- 7.2 Specify file handler in logging.properties (check if java.util.logging.ConsoleHandler exists inin default)
- 7.2 Specify file handler in logging.properties (check if java.util.logging.ConsoleHandler logging is enabled in default)
- 7.2 Specify file handler in logging.properties (check if java.util.logging.ConsoleHandler logging is enabled in web application)
- 7.2 Specify file handler in logging.properties (check if org.apache.juli.FileHandler exists in default)
- 7.2 Specify file handler in logging.properties (check if org.apache.juli.FileHandler exists in web application)
- 7.2 Specify file handler in logging.properties (check if org.apache.juli.FileHandler logging is enabled in default)
- 7.2 Specify file handler in logging.properties (check if org.apache.juli.FileHandler logging is enabled in web application)
- 7.4 Ensure directory in context.xml is a secure location - configuration
- 7.5 Ensure pattern in context.xml is correct
- 7.6 Ensure directory in logging.properties is a secure location (check log directory location)
- 7.6 Ensure directory in logging.properties is a secure location (check prefix application name)
- 8.1 Restrict runtime access to sensitive packages
Informational Update
- 7.6 Ensure directory in logging.properties is a secure location (check prefix application name)
Miscellaneous
- Metadata updated.
- References updated.
- Variables updated.