Non-Essential modules should be disabled. 'mod_include'

Information

It is important to disable the modules that are not needed, in order to reduce the risk to the web server, as well as increase the performance. This is similar to the OS security issue of running unnecessary network services; such as Telnet and FTP. By enabling these unused modules, you are potentially providing additional avenues of attack against your web server. You should only enable the modules that you absolutely needed for the functionality of your web site.

Solution

Disable modules listed below by commenting out the 'LoadModule' lines that refer to these modules in the httpd.conf file. Detailed functionality of the modules elaborated in Appendix 3.1
mod_autoindex
mod_include
mod_info
mod_status
mod_userdir
mod_dav

Item Details

Category: CONFIGURATION MANAGEMENT

References: 800-53|CM-7b.

Plugin: Windows

Control ID: 916fdfe8ba84e5051eb359e2a905f1a8d5dc38e21b53dbeb555fcb99fda16e03