3.2 Ensure access logging is enabled

Information

The access_log directive should be on for every core site. It is enabled by default.

Rationale:

Access logging allows incident responders and auditors to investigate access to a system in the event of an incident.

Solution

Ensure the access_log directive is configured for every core site your organization requires logging for.
This should look similar to the below configuration snippet. You may use different log file locations based on your needs.

access_log /var/log/nginx/host.access.log main;

Default Value:

The access log is enabled by default.

See Also

https://workbench.cisecurity.org/files/4212