| DTBI010 - First Run Customize settings must be enabled as home page. | DISA STIG Microsoft Internet Explorer 9 v1r15 | Windows | CONFIGURATION MANAGEMENT |
| DTBI031 - The Java Permissions must be disallowed (Internet zone). | DISA STIG Microsoft Internet Explorer 9 v1r15 | Windows | CONFIGURATION MANAGEMENT |
| DTBI036 - Functionality to drag and drop or copy and paste files must be disallowed (Internet zone). | DISA STIG Microsoft Internet Explorer 9 v1r15 | Windows | CONFIGURATION MANAGEMENT |
| DTBI091 - The Java Permissions must be set with High Safety (Trusted Sites zone). | DISA STIG Microsoft Internet Explorer 9 v1r15 | Windows | CONFIGURATION MANAGEMENT |
| DTBI300 - Configuring History setting must be set to 40 days - DaysToKeep | DISA STIG Microsoft Internet Explorer 9 v1r15 | Windows | CONFIGURATION MANAGEMENT |
| DTBI425 - Java permissions must be disallowed (Local Machine zone). | DISA STIG Microsoft Internet Explorer 9 v1r15 | Windows | CONFIGURATION MANAGEMENT |
| DTBI440 - Java permissions must be disallowed (Locked Down Trusted Sites zone). | DISA STIG Microsoft Internet Explorer 9 v1r15 | Windows | CONFIGURATION MANAGEMENT |
| DTBI445 - Java permissions must be disallowed (Locked Down Internet zone). | DISA STIG Microsoft Internet Explorer 9 v1r15 | Windows | CONFIGURATION MANAGEMENT |
| DTBI635 - Internet Explorer Processes for Restrict File Download must be enforced (Explorer). | DISA STIG Microsoft Internet Explorer 9 v1r15 | Windows | CONFIGURATION MANAGEMENT |
| DTBI770 - Deleting web sites that the user has visited must be disallowed. | DISA STIG Microsoft Internet Explorer 9 v1r15 | Windows | AUDIT AND ACCOUNTABILITY |
| DTBI810 - When uploading files to a server, the local directory path must be excluded (Internet zone). | DISA STIG Microsoft Internet Explorer 9 v1r15 | Windows | CONFIGURATION MANAGEMENT |
| WA00505 W22 - Web Distributed Authoring and Versioning (WebDAV) must be disabled. | DISA STIG Apache Server 2.2 Windows v1r13 | Windows | CONFIGURATION MANAGEMENT |
| WA00510 A22 - Web server status module must be disabled. | DISA STIG Apache Server 2.2 Unix v1r11 | Unix | CONFIGURATION MANAGEMENT |
| WA00515 A22 - Automatic directory indexing must be disabled. | DISA STIG Apache Server 2.2 Unix v1r11 | Unix | CONFIGURATION MANAGEMENT |
| WA00540 A22 - The web server must be configured to explicitly deny access to the OS root - Order | DISA STIG Apache Server 2.2 Unix v1r11 | Unix | ACCESS CONTROL |
| WA00540 W22 - The web server must be configured to explicitly deny access to the OS root. | DISA STIG Apache Server 2.2 Windows v1r13 | Windows | CONFIGURATION MANAGEMENT |
| WA00545 A22 - Web server options for the OS root must be disabled. | DISA STIG Apache Server 2.2 Unix v1r11 | Unix | CONFIGURATION MANAGEMENT |
| WA00547 A22 - The ability to override the access configuration for the OS root directory must be disabled. | DISA STIG Apache Server 2.2 Unix v1r11 | Unix | ACCESS CONTROL |
| WA00547 W22 - The ability to override the access configuration for the OS root directory must be disabled. | DISA STIG Apache Server 2.2 Windows v1r13 | Windows | CONFIGURATION MANAGEMENT |
| WA00550 A22 - The TRACE method must be disabled. | DISA STIG Apache Server 2.2 Unix v1r11 | Unix | CONFIGURATION MANAGEMENT |
| WA00550 A22 - The TRACE method must be disabled. | DISA STIG Apache Server 2.2 Unix v1r11 Middleware | Unix | CONFIGURATION MANAGEMENT |
| WA00555 W22 - The web server must be configured to listen on a specific IP address and port. - '[::ffff:0.0.0.0]:80' | DISA STIG Apache Server 2.2 Windows v1r13 | Windows | CONFIGURATION MANAGEMENT |
| WA00560 A22 - The URL-path name must be set to the file path name or the directory path name. | DISA STIG Apache Server 2.2 Unix v1r11 | Unix | CONFIGURATION MANAGEMENT |
| WA00612 W22 - The sites error logs must log the correct format. | DISA STIG Apache Site 2.2 Windows v1r13 | Windows | AUDIT AND ACCOUNTABILITY |
| WA00615 A22 - System logging must be enabled. | DISA STIG Apache Site 2.2 Unix v1r11 Middleware | Unix | AUDIT AND ACCOUNTABILITY |
| WA00620 A22 - The LogLevel directive must be enabled. | DISA STIG Apache Site 2.2 Unix v1r11 | Unix | AUDIT AND ACCOUNTABILITY |
| WG110 IIS6 - Web sites must limit the number of simultaneous requests. | DISA STIG IIS 6.0 Site Checklist v6r16 | Windows | ACCESS CONTROL |
| WG170 IIS6 - Each readable web document directory must contain a default, home, index or equivalent file. - 'EnableDefaultDoc set to True' | DISA STIG IIS 6.0 Site Checklist v6r16 | Windows | CONFIGURATION MANAGEMENT |
| WG205 IIS6 - The web document (home) directory must be on a separate partition from the web servers system files. | DISA STIG IIS 6.0 Site Checklist v6r16 | Windows | CONFIGURATION MANAGEMENT |
| WG210 A22 - Web content directories must not be anonymously shared. | DISA STIG Apache Site 2.2 Unix v1r11 Middleware | Unix | ACCESS CONTROL |
| WG242 A22 - Log file data must contain required data elements. | DISA STIG Apache Site 2.2 Unix v1r11 | Unix | AUDIT AND ACCOUNTABILITY |
| WG300 A22 - Web server system files must conform to minimum file permission requirements - apache bin | DISA STIG Apache Server 2.2 Unix v1r11 | Unix | CONFIGURATION MANAGEMENT |
| WG300 A22 - Web server system files must conform to minimum file permission requirements - config | DISA STIG Apache Server 2.2 Unix v1r11 Middleware | Unix | CONFIGURATION MANAGEMENT |
| WG300 A22 - Web server system files must conform to minimum file permission requirements - config/* | DISA STIG Apache Server 2.2 Unix v1r11 | Unix | CONFIGURATION MANAGEMENT |
| WG300 IIS6 - Web server system files must conform to minimum file permission requirements. - '\inetpub\ftproot' | DISA STIG IIS 6.0 Server v6r16 | Windows | CONFIGURATION MANAGEMENT |
| WG300 IIS6 - Web server system files must conform to minimum file permission requirements. - '\inetpub\ftproot\ftpfiles' | DISA STIG IIS 6.0 Server v6r16 | Windows | CONFIGURATION MANAGEMENT |
| WG300 IIS6 - Web server system files must conform to minimum file permission requirements. - '\inetpub\wwwroot' | DISA STIG IIS 6.0 Server v6r16 | Windows | CONFIGURATION MANAGEMENT |
| WG300 IIS6 - Web server system files must conform to minimum file permission requirements. - '\inetpub\wwwroot\images' | DISA STIG IIS 6.0 Server v6r16 | Windows | CONFIGURATION MANAGEMENT |
| WG300 IIS6 - Web server system files must conform to minimum file permission requirements. - '\system32\inetsrv\*.bat | DISA STIG IIS 6.0 Server v6r16 | Windows | CONFIGURATION MANAGEMENT |
| WG300 IIS6 - Web server system files must conform to minimum file permission requirements. - '\system32\inetsrv\*.exe' | DISA STIG IIS 6.0 Server v6r16 | Windows | CONFIGURATION MANAGEMENT |
| WG300 IIS6 - Web server system files must conform to minimum file permission requirements. - '\system32\inetsrv\inetmgr.exe' | DISA STIG IIS 6.0 Server v6r16 | Windows | CONFIGURATION MANAGEMENT |
| WG300 IIS6 - Web server system files must conform to minimum file permission requirements. - '\system32\inetsrv\MBSchema.xml | DISA STIG IIS 6.0 Server v6r16 | Windows | CONFIGURATION MANAGEMENT |
| WG300 W22 - Web server system files must conform to minimum file permission requirements. - 'bin' | DISA STIG Apache Server 2.2 Windows v1r13 | Windows | CONFIGURATION MANAGEMENT |
| WG310 A22 - A web site must not contain a robots.txt file - alias | DISA STIG Apache Site 2.2 Unix v1r11 | Unix | CONFIGURATION MANAGEMENT |
| WG340 A22 - A private web server must utilize an approved TLS version - SSLEngine | DISA STIG Apache Site 2.2 Unix v1r11 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| WG340 IIS6 - A private web server must utilize an approved TLS version. - 'PCT 1.0\Client' | DISA STIG IIS 6.0 Site Checklist v6r16 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WG340 IIS6 - A private web server must utilize an approved TLS version. - 'SSL 3.0\Client' | DISA STIG IIS 6.0 Site Checklist v6r16 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WG342 A22 - Public web servers must use TLS if authentication is required. | DISA STIG Apache Site 2.2 Unix v1r11 Middleware | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| WG342 IIS6 - Public web servers must use TLS if authentication is required. - 'PCT 1.0 Client' | DISA STIG IIS 6.0 Site Checklist v6r16 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WG342 IIS6 - Public web servers must use TLS if authentication is required. - 'SSL 2.0 Server' | DISA STIG IIS 6.0 Site Checklist v6r16 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
