10.2 Restrict access to the web administration application

Information

Limit access to the web administration application to only those with a justified need.

Rationale:

Limiting access to the least privilege will ensure only those people with justified need will have access to a resource. The web administration application should be limited to only administrators.

Solution

For the administration application, edit $CATALINA_HOME/conf/server.xml and uncomment the following:

<Valve className='org.apache.catalina.valves.RemoteAddrValve' allow='127.0.0.1'/>

Note: The RemoteAddrValve property expects a regular expression, therefore periods and other regular expression meta-characters must be escaped.

Default Value:

By default, this configuration is not present.

See Also

https://workbench.cisecurity.org/benchmarks/11652

Item Details

Category: ACCESS CONTROL

References: 800-53|AC-6(2), 800-53|AC-6(5), CSCv7|4.7

Plugin: Unix

Control ID: 1ab3867146a835b709545bca9dd9512bd0b1f634f708a3c11b5a0514dfccfe77