Item Search

NameAudit NamePluginCategory
2.2 Alter the Advertised server.number StringCIS Apache Tomcat 9 L2 v1.2.0Unix

CONFIGURATION MANAGEMENT

3.1 Ensure the Apache Web Server Runs As a Non-Root User - 'apache account is configured'CIS Apache HTTP Server 2.4 L1 v2.1.0Unix

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

3.1 Ensure the Apache Web Server Runs As a Non-Root User - 'httpd services are running as apache user'CIS Apache HTTP Server 2.4 L1 v2.1.0Unix

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

3.1 Ensure the Apache Web Server Runs As a Non-Root User - 'httpd.conf Group = apache'CIS Apache HTTP Server 2.4 L1 v2.1.0Unix

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

3.1 Ensure the Apache Web Server Runs As a Non-Root User - 'httpd.conf User = apache'CIS Apache HTTP Server 2.4 L1 v2.1.0Unix

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

3.1 Ensure the Apache Web Server Runs As a Non-Root User - GroupCIS Apache HTTP Server 2.4 L1 v2.1.0 MiddlewareUnix

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

3.1 Ensure the Apache Web Server Runs As a Non-Root User - idCIS Apache HTTP Server 2.4 L1 v2.1.0 MiddlewareUnix

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

3.1 Ensure the Apache Web Server Runs As a Non-Root User - UserCIS Apache HTTP Server 2.4 L1 v2.1.0 MiddlewareUnix

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

4.4 Restrict access to Tomcat logs directoryCIS Apache Tomcat 9 L1 v1.2.0Unix

ACCESS CONTROL, MEDIA PROTECTION

4.9 Restrict access to Tomcat catalina.policyCIS Apache Tomcat 9 L1 v1.2.0Unix

ACCESS CONTROL, MEDIA PROTECTION

4.10 Restrict access to Tomcat context.xmlCIS Apache Tomcat 9 L1 v1.2.0Unix

ACCESS CONTROL, MEDIA PROTECTION

4.12 Restrict access to Tomcat server.xmlCIS Apache Tomcat 9 L1 v1.2.0Unix

ACCESS CONTROL, MEDIA PROTECTION

4.14 Restrict access to Tomcat web.xmlCIS Apache Tomcat 9 L1 v1.2.0Unix

ACCESS CONTROL, MEDIA PROTECTION

6.2 Ensure SSLEnabled is set to True for Sensitive Connectors - verify SSLEnabled is set to trueCIS Apache Tomcat 9 L1 v1.2.0Unix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

7.2 Specify file handler in logging.properties files - check if org.apache.juli.FileHandler logging is enabled in web applicationCIS Apache Tomcat 9 L1 v1.2.0Unix

AUDIT AND ACCOUNTABILITY

8.1 Restrict runtime access to sensitive packagesCIS Apache Tomcat 9 L1 v1.2.0Unix

ACCESS CONTROL, MEDIA PROTECTION

9.1 Starting Tomcat with Security ManagerCIS Apache Tomcat 7 L1 v1.1.0Unix

CONFIGURATION MANAGEMENT

9.1 Starting Tomcat with Security ManagerCIS Apache Tomcat 7 L1 v1.1.0 MiddlewareUnix

CONFIGURATION MANAGEMENT

10.1 Ensure the LimitRequestLine directive is Set to 512 or lessCIS Apache HTTP Server 2.4 L2 v2.1.0Unix

ACCESS CONTROL, CONFIGURATION MANAGEMENT

10.1 Ensure Web content directory is on a separate partition from the Tomcat system files - verify Web content directoryCIS Apache Tomcat 9 L1 v1.2.0Unix

CONFIGURATION MANAGEMENT, MAINTENANCE

10.2 Restrict access to the web administration applicationCIS Apache Tomcat 9 L1 v1.2.0Unix

ACCESS CONTROL

10.3 Restrict manager applicationCIS Apache Tomcat 9 L2 v1.2.0Unix

ACCESS CONTROL

10.9 Configure connectionTimeoutCIS Apache Tomcat 9 L2 v1.2.0Unix

CONFIGURATION MANAGEMENT

10.10 Configure maxHttpHeaderSizeCIS Apache Tomcat 9 L2 v1.2.0Unix

ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION

10.13 Do not run applications as privilegedCIS Apache Tomcat 9 L1 v1.2.0Unix

ACCESS CONTROL

AS24-U2-000640 - Debugging and trace information used to diagnose the Apache web server must be disabled.DISA STIG Apache Server 2.4 Unix Site v2r4Unix

SYSTEM AND INFORMATION INTEGRITY

AS24-U2-000640 - Debugging and trace information used to diagnose the Apache web server must be disabled.DISA STIG Apache Server 2.4 Unix Site v2r4 MiddlewareUnix

SYSTEM AND INFORMATION INTEGRITY

AS24-U2-000650 - The Apache web server must set an absolute timeout for sessions.DISA STIG Apache Server 2.4 Unix Site v2r4 MiddlewareUnix

SYSTEM AND COMMUNICATIONS PROTECTION

AS24-U2-000650 - The Apache web server must set an absolute timeout for sessions.DISA STIG Apache Server 2.4 Unix Site v2r4Unix

SYSTEM AND COMMUNICATIONS PROTECTION

AS24-W1-000640 - The Apache web server must set an absolute timeout for sessions.DISA STIG Apache Server 2.4 Windows Server v3r1Windows

ACCESS CONTROL

AS24-W1-000640 - The Apache web server must set an absolute timeout for sessions.DISA STIG Apache Server 2.4 Windows Server v2r3Windows

ACCESS CONTROL

DISA_Rancher_Government_Solutions_RKE2_STIG_v2r2.audit from DISA Rancher Government Solutions RKE2 STIG v2r2DISA Rancher Government Solutions RKE2 STIG v2r2Unix
DISA_STIG_Adobe_Acrobat_Pro_XI_v1r2.audit from DISA Adobe Acrobat Pro XI V1R2 STIGDISA STIG ADOBE ACROBAT PROFESSIONAL (PRO) XI v1r2Windows
DISA_STIG_Cisco_IOS_Switch_L2S_v3r1.audit from DISA Cisco IOS Switch L2S v3r1 STIGDISA STIG Cisco IOS Switch L2S v3r1Cisco
DISA_STIG_Cisco_IOS_Switch_RTR_v3r1.audit from DISA Cisco IOS Switch RTR v3r1 STIGDISA STIG Cisco IOS Switch RTR v3r1Cisco
DISA_STIG_IBM_DB2_v10.5_LUW_v2r1_OS_Windows.audit from DISA IBM DB2 V10.5 LUW v2r1 STIGDISA STIG IBM DB2 v10.5 LUW v2r1 OS WindowsWindows
DISA_STIG_IIS_10.0_Web_Site_v2r10.audit from DISA Microsoft IIS 10.0 Site v2r10 STIGDISA IIS 10.0 Site v2r10Windows
DISA_STIG_Microsoft_Access_2010_v1r11.audit from DISA Microsoft Access 2010 v1r11 STIGDISA STIG Office 2010 Access v1r11Windows
DISA_STIG_Microsoft_Defender_Antivirus_v2r4.audit from DISA Microsoft Defender Antivirus v2r4 STIGDISA STIG Microsoft Defender Antivirus v2r4Windows
DISA_STIG_Microsoft_Excel_2016_v2r1.audit from DISA Microsoft Excel 2016 v2r1 STIGDISA STIG Microsoft Excel 2016 v2r1Windows
DISA_STIG_Microsoft_InfoPath_2010_v1r12.audit from DISA Microsoft InfoPath 2010 v1r12 STIGDISA STIG Office 2010 InfoPath v1r12Windows
DISA_STIG_Microsoft_Office_System_2010_v1r13.audit from DISA Microsoft Office System 2010 v1r13 STIGDISA STIG Office System 2010 v1r13Windows
DISA_STIG_Microsoft_Visio_2013_v1r5.audit from DISA Microsoft Visio 2013 v1r5 STIGDISA STIG Microsoft Visio 2013 v1r5Windows
DISA_STIG_MS_Windows_Privileged_Access_Workstation_v3r1.audit from DISA Microsoft Windows PAW v3r1 STIGDISA MS Windows Privileged Access Workstation v3r1Windows
DISA_STIG_Palo_Alto_Networks_IDPS_v3r1.audit from DISA Palo Alto Networks IDPS v3r1 STIGDISA STIG Palo Alto IDPS v3r1Palo_Alto
DISA_STIG_SharePoint_2013_v2r3.audit from DISA Microsoft SharePoint 2013 v2r3 STIGDISA STIG SharePoint 2013 v2r3Windows
DISA_STIG_Solaris_11_v3r1.audit from DISA Solaris 11 X86 v3r1 STIGDISA STIG Solaris 11 X86 v3r1Unix
DISA_STIG_Ubuntu_20.04_LTS_v2r1.audit from DISA Canonical Ubuntu 20.04 LTS v2r1 STIGDISA STIG Ubuntu 20.04 LTS v2r1Unix
DISA_STIG_VMware_vSphere_6.7_vCenter_v1r4.audit from DISA VMware vSphere 6.7 vCenter v1r4 STIGDISA STIG VMware vSphere 6.7 vCenter v1r4VMware
DISA_VMware_vSphere_8.0_ESXi_STIG_v2r1.audit from DISA VMware vSphere 8.0 ESXi STIG v2r1DISA VMware vSphere 8.0 ESXi STIG OS v2r1Unix