Revision 1.9Mar 6, 2024
Functional Update
- 10.18 Setting Security Lifecycle Listener - check for umask present in startup
- 10.18 Setting Security Lifecycle Listener - check for umask uncommented in startup
- 10.19 Use the logEffectiveWebXml and metadata-complete settings for deploying applications in production - context.xml
- 10.19 Use the logEffectiveWebXml and metadata-complete settings for deploying applications in production - web.xml
- 10.6 Enable strict servlet Compliance
- 10.7 Turn off session facade recycling
- 7.2 Specify file handler in logging.properties files - check if java.util.logging.ConsoleHandler exists in web application
- 7.2 Specify file handler in logging.properties files - check if java.util.logging.ConsoleHandler exists inin default
- 7.2 Specify file handler in logging.properties files - check if java.util.logging.ConsoleHandler logging is enabled in default
- 7.2 Specify file handler in logging.properties files - check if java.util.logging.ConsoleHandler logging is enabled in web application
- 7.2 Specify file handler in logging.properties files - check if org.apache.juli.FileHandler exists in default
- 7.2 Specify file handler in logging.properties files - check if org.apache.juli.FileHandler exists in web application
- 7.2 Specify file handler in logging.properties files - check if org.apache.juli.FileHandler logging is enabled in default
- 7.2 Specify file handler in logging.properties files - check if org.apache.juli.FileHandler logging is enabled in web application
- 7.4 Ensure directory in context.xml is a secure location - configuration
- 7.5 Ensure pattern in context.xml is correct
- 7.6 Ensure directory in logging.properties is a secure location - check log directory location
- 7.6 Ensure directory in logging.properties is a secure location - check prefix application name
- 8.1 Restrict runtime access to sensitive packages
Miscellaneous
- Metadata updated.
- References updated.
- Variables updated.