AS24-U2-000020 - The Apache web server must perform server-side session management.
AS24-U2-000030 - The Apache web server must use encryption strength in accordance with the categorization of data hosted by the Apache web server when remote connections are provided.
AS24-U2-000350 - Users and scripts running on behalf of users must be contained to the document root or home directory tree of the Apache web server.
AS24-U2-000380 - The Apache web server must perform RFC 5280-compliant certification path validation.
AS24-U2-000660 - The Apache web server must set an inactive timeout for sessions.
AS24-U2-000890 - Cookies exchanged between the Apache web server and the client, such as session cookies, must have cookie properties set to force the encryption of cookies.
Removed
AS24-U2-000020 - The Apache web server must perform server-side session management
AS24-U2-000030 - The Apache web server must use encryption strength in accordance with the categorization of data hosted by the Apache web server when remote connections are provided
AS24-U2-000350 - Users and scripts running on behalf of users must be contained to the document root or home directory tree of the Apache web server
AS24-U2-000380 - The Apache web server must perform RFC 5280-compliant certification path validation
AS24-U2-000660 - The Apache web server must set an inactive timeout for sessions
AS24-U2-000890 - Cookies exchanged between the Apache web server and the client, such as session cookies, must have cookie properties set to force the encryption of cookies