IIST-SI-000258 - The application pools rapid fail protection for each IIS 10.0 website must be enabled.

Information

Rapid fail protection is a feature that interrogates the health of worker processes associated with websites and web applications. It can be configured to perform a number of actions such as shutting down and restarting worker processes that have reached failure thresholds. By not setting rapid fail protection, the web server could become unstable in the event of a worker process crash potentially leaving the web server unusable.

Solution

Open the IIS 10.0 Manager.

Click 'Application Pools'.

Perform the following for each Application Pool:

Highlight an Application Pool to review and click 'Advanced Settings' in the 'Actions' pane.

Scroll down to the 'Rapid Fail Protection' section and set the value for 'Enabled' to 'True'.

Click 'OK'.

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_MS_IIS_10-0_Y24M10_STIG.zip

Item Details

Category: CONFIGURATION MANAGEMENT

References: 800-53|CM-6b., CAT|II, CCI|CCI-000366, Rule-ID|SV-218777r961863_rule, STIG-ID|IIST-SI-000258, STIG-Legacy|SV-109379, STIG-Legacy|V-100275, Vuln-ID|V-218777

Plugin: Windows

Control ID: 58627c522e479f3cb2a67d300f5424adcd2cac0a146fcdc9ea63544bde24dfde