WA00500 A22 - Active software modules must be minimized.

Information

Modules are the source of Apache httpd servers core and dynamic capabilities. Thus not every module available is needed for operation. Most installations only need a small subset of the modules available. By minimizing the enabled modules to only those that are required, we reduce the number of doors and have therefore reduced the attack surface of the web site. Likewise having fewer modules means less software that could have vulnerabilities.

NOTE: Nessus has provided the target output to assist in reviewing the benchmark to ensure target compliance.

Solution

Disable any modules that are not needed.

See Also

https://iasecontent.disa.mil/stigs/zip/U_Apache_2-2_UNIX_V1R11_STIG.zip

Item Details

References: CAT|II, Rule-ID|SV-33215r1_rule, STIG-ID|WA00500_A22, Vuln-ID|V-26285

Plugin: Unix

Control ID: db2b06039beeff41d5db4ee603814778d85303ee6724bcc4ae4e8b719c98529f