Oct 15, 2024 Added- WG040 A22 - Public web server resources must not be shared with private assets.
- WG420 A22 - Backup interactive scripts on the production web server are prohibited.
Removed- WG040 A22 - Public web server resources must not be shared with private assets - .netrc
- WG040 A22 - Public web server resources must not be shared with private assets - .rhosts
- WG040 A22 - Public web server resources must not be shared with private assets - Systems
- WG040 A22 - Public web server resources must not be shared with private assets - exports
- WG040 A22 - Public web server resources must not be shared with private assets - hosts.equiv
- WG040 A22 - Public web server resources must not be shared with private assets - hosts.lpd
- WG040 A22 - Public web server resources must not be shared with private assets - mnttab
- WG040 A22 - Public web server resources must not be shared with private assets - sharetab
- WG080 A22 - Installation of a compiler on production web server is prohibited - gcc
- WG080 A22 - Installation of a compiler on production web server is prohibited - javac
- WG080 A22 - Installation of a compiler on production web server is prohibited - jdk
- WG420 A22 - Backup interactive scripts on the production web server are prohibited - ??0
- WG420 A22 - Backup interactive scripts on the production web server are prohibited - backup
- WG420 A22 - Backup interactive scripts on the production web server are prohibited - bak
- WG420 A22 - Backup interactive scripts on the production web server are prohibited - old
- WG420 A22 - Backup interactive scripts on the production web server are prohibited - tmp
|
Jun 18, 2024 |
Jun 17, 2024 Miscellaneous- Metadata updated.
- References updated.
|
Apr 12, 2023 Miscellaneous- Metadata updated.
- Platform check updated.
- Variables updated.
|
Mar 7, 2023 Miscellaneous- Metadata updated.
- References updated.
- Variables updated.
|
Dec 7, 2022 Added- WG280 - The access control files are owned by a privileged web server account - APP_Config_files
- WG280 - The access control files are owned by a privileged web server account - HTACCESS_DIR
Removed- WG280 - The access control files are owned by a privileged web server account - @APP_Config_files@
- WG280 - The access control files are owned by a privileged web server account - @HTACCESS_DIR@
|
Aug 9, 2022 Functional Update- WA00500 A22 - Active software modules must be minimized.
- WA00505 A22 - Web Distributed Authoring and Versioning (WebDAV) must be disabled.
- WA00510 A22 - Web server status module must be disabled.
- WA00515 A22 - Automatic directory indexing must be disabled.
- WA00520 A22 - The web server must not be configured as a proxy server.
- WA00525 A22 - User specific directories must not be globally enabled.
- WA00530 A22 - The process ID (PID) file must be properly secured
- WA00535 A22 - The score board file must be properly secured.
- WA230 A22 - The Web site software used with the web server must have all applicable security patches applied and documented.
- WG190 A22 - Web server software must be a vendor-supported version.
- WG270 A22 - The web server's htpasswd files (if present) must reflect proper ownership and permissions
- WG280 - The access control files are owned by a privileged web server account - @APP_Config_files@
- WG280 - The access control files are owned by a privileged web server account - @HTACCESS_DIR@
- WG300 A22 - Web server system files must conform to minimum file permission requirements - cgi_bin
- WG300 A22 - Web server system files must conform to minimum file permission requirements - config
- WG300 A22 - Web server system files must conform to minimum file permission requirements - document root
- WG300 A22 - Web server system files must conform to minimum file permission requirements - logs
- WG385 A22 - All web server documentation, sample code, example applications, and tutorials must be removed from a production web server.
|
Apr 25, 2022 Miscellaneous- Metadata updated.
- References updated.
|
Jul 30, 2021 Miscellaneous- Metadata updated.
- References updated.
|
Jun 17, 2021 |
