2.2 Alter the Advertised server.number String | CIS Apache Tomcat 9 L2 v1.2.0 | Unix | CONFIGURATION MANAGEMENT |
3.1 Ensure the Apache Web Server Runs As a Non-Root User - 'apache account is configured' | CIS Apache HTTP Server 2.4 L1 v2.1.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
3.1 Ensure the Apache Web Server Runs As a Non-Root User - 'httpd services are running as apache user' | CIS Apache HTTP Server 2.4 L1 v2.1.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
3.1 Ensure the Apache Web Server Runs As a Non-Root User - 'httpd.conf Group = apache' | CIS Apache HTTP Server 2.4 L1 v2.1.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
3.1 Ensure the Apache Web Server Runs As a Non-Root User - 'httpd.conf User = apache' | CIS Apache HTTP Server 2.4 L1 v2.1.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
3.1 Ensure the Apache Web Server Runs As a Non-Root User - Group | CIS Apache HTTP Server 2.4 L1 v2.1.0 Middleware | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
3.1 Ensure the Apache Web Server Runs As a Non-Root User - id | CIS Apache HTTP Server 2.4 L1 v2.1.0 Middleware | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
3.1 Ensure the Apache Web Server Runs As a Non-Root User - User | CIS Apache HTTP Server 2.4 L1 v2.1.0 Middleware | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
4.4 Restrict access to Tomcat logs directory | CIS Apache Tomcat 9 L1 v1.2.0 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
4.9 Restrict access to Tomcat catalina.policy | CIS Apache Tomcat 9 L1 v1.2.0 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
4.10 Restrict access to Tomcat context.xml | CIS Apache Tomcat 9 L1 v1.2.0 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
4.12 Restrict access to Tomcat server.xml | CIS Apache Tomcat 9 L1 v1.2.0 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
4.14 Restrict access to Tomcat web.xml | CIS Apache Tomcat 9 L1 v1.2.0 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
6.2 Ensure SSLEnabled is set to True for Sensitive Connectors - verify SSLEnabled is set to true | CIS Apache Tomcat 9 L1 v1.2.0 | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
7.2 Specify file handler in logging.properties files - check if org.apache.juli.FileHandler logging is enabled in web application | CIS Apache Tomcat 9 L1 v1.2.0 | Unix | AUDIT AND ACCOUNTABILITY |
8.1 Restrict runtime access to sensitive packages | CIS Apache Tomcat 9 L1 v1.2.0 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
9.1 Starting Tomcat with Security Manager | CIS Apache Tomcat 7 L1 v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
9.1 Starting Tomcat with Security Manager | CIS Apache Tomcat 7 L1 v1.1.0 Middleware | Unix | CONFIGURATION MANAGEMENT |
10.1 Ensure the LimitRequestLine directive is Set to 512 or less | CIS Apache HTTP Server 2.4 L2 v2.1.0 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
10.1 Ensure Web content directory is on a separate partition from the Tomcat system files - verify Web content directory | CIS Apache Tomcat 9 L1 v1.2.0 | Unix | CONFIGURATION MANAGEMENT, MAINTENANCE |
10.2 Restrict access to the web administration application | CIS Apache Tomcat 9 L1 v1.2.0 | Unix | ACCESS CONTROL |
10.3 Restrict manager application | CIS Apache Tomcat 9 L2 v1.2.0 | Unix | ACCESS CONTROL |
10.9 Configure connectionTimeout | CIS Apache Tomcat 9 L2 v1.2.0 | Unix | CONFIGURATION MANAGEMENT |
10.10 Configure maxHttpHeaderSize | CIS Apache Tomcat 9 L2 v1.2.0 | Unix | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
10.13 Do not run applications as privileged | CIS Apache Tomcat 9 L1 v1.2.0 | Unix | ACCESS CONTROL |
AS24-U2-000640 - Debugging and trace information used to diagnose the Apache web server must be disabled. | DISA STIG Apache Server 2.4 Unix Site v2r4 | Unix | SYSTEM AND INFORMATION INTEGRITY |
AS24-U2-000640 - Debugging and trace information used to diagnose the Apache web server must be disabled. | DISA STIG Apache Server 2.4 Unix Site v2r4 Middleware | Unix | SYSTEM AND INFORMATION INTEGRITY |
AS24-U2-000650 - The Apache web server must set an absolute timeout for sessions. | DISA STIG Apache Server 2.4 Unix Site v2r4 Middleware | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
AS24-U2-000650 - The Apache web server must set an absolute timeout for sessions. | DISA STIG Apache Server 2.4 Unix Site v2r4 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
AS24-W1-000640 - The Apache web server must set an absolute timeout for sessions. | DISA STIG Apache Server 2.4 Windows Server v3r1 | Windows | ACCESS CONTROL |
AS24-W1-000640 - The Apache web server must set an absolute timeout for sessions. | DISA STIG Apache Server 2.4 Windows Server v2r3 | Windows | ACCESS CONTROL |
DISA_Rancher_Government_Solutions_RKE2_STIG_v2r2.audit from DISA Rancher Government Solutions RKE2 STIG v2r2 | DISA Rancher Government Solutions RKE2 STIG v2r2 | Unix | |
DISA_STIG_Adobe_Acrobat_Pro_XI_v1r2.audit from DISA Adobe Acrobat Pro XI V1R2 STIG | DISA STIG ADOBE ACROBAT PROFESSIONAL (PRO) XI v1r2 | Windows | |
DISA_STIG_Cisco_IOS_Switch_L2S_v3r1.audit from DISA Cisco IOS Switch L2S v3r1 STIG | DISA STIG Cisco IOS Switch L2S v3r1 | Cisco | |
DISA_STIG_Cisco_IOS_Switch_RTR_v3r1.audit from DISA Cisco IOS Switch RTR v3r1 STIG | DISA STIG Cisco IOS Switch RTR v3r1 | Cisco | |
DISA_STIG_IBM_DB2_v10.5_LUW_v2r1_OS_Windows.audit from DISA IBM DB2 V10.5 LUW v2r1 STIG | DISA STIG IBM DB2 v10.5 LUW v2r1 OS Windows | Windows | |
DISA_STIG_IIS_10.0_Web_Site_v2r10.audit from DISA Microsoft IIS 10.0 Site v2r10 STIG | DISA IIS 10.0 Site v2r10 | Windows | |
DISA_STIG_Microsoft_Access_2010_v1r11.audit from DISA Microsoft Access 2010 v1r11 STIG | DISA STIG Office 2010 Access v1r11 | Windows | |
DISA_STIG_Microsoft_Defender_Antivirus_v2r4.audit from DISA Microsoft Defender Antivirus v2r4 STIG | DISA STIG Microsoft Defender Antivirus v2r4 | Windows | |
DISA_STIG_Microsoft_Excel_2016_v2r1.audit from DISA Microsoft Excel 2016 v2r1 STIG | DISA STIG Microsoft Excel 2016 v2r1 | Windows | |
DISA_STIG_Microsoft_InfoPath_2010_v1r12.audit from DISA Microsoft InfoPath 2010 v1r12 STIG | DISA STIG Office 2010 InfoPath v1r12 | Windows | |
DISA_STIG_Microsoft_Office_System_2010_v1r13.audit from DISA Microsoft Office System 2010 v1r13 STIG | DISA STIG Office System 2010 v1r13 | Windows | |
DISA_STIG_Microsoft_Visio_2013_v1r5.audit from DISA Microsoft Visio 2013 v1r5 STIG | DISA STIG Microsoft Visio 2013 v1r5 | Windows | |
DISA_STIG_MS_Windows_Privileged_Access_Workstation_v3r1.audit from DISA Microsoft Windows PAW v3r1 STIG | DISA MS Windows Privileged Access Workstation v3r1 | Windows | |
DISA_STIG_Palo_Alto_Networks_IDPS_v3r1.audit from DISA Palo Alto Networks IDPS v3r1 STIG | DISA STIG Palo Alto IDPS v3r1 | Palo_Alto | |
DISA_STIG_SharePoint_2013_v2r3.audit from DISA Microsoft SharePoint 2013 v2r3 STIG | DISA STIG SharePoint 2013 v2r3 | Windows | |
DISA_STIG_Solaris_11_v3r1.audit from DISA Solaris 11 X86 v3r1 STIG | DISA STIG Solaris 11 X86 v3r1 | Unix | |
DISA_STIG_Ubuntu_20.04_LTS_v2r1.audit from DISA Canonical Ubuntu 20.04 LTS v2r1 STIG | DISA STIG Ubuntu 20.04 LTS v2r1 | Unix | |
DISA_STIG_VMware_vSphere_6.7_vCenter_v1r4.audit from DISA VMware vSphere 6.7 vCenter v1r4 STIG | DISA STIG VMware vSphere 6.7 vCenter v1r4 | VMware | |
DISA_VMware_vSphere_8.0_ESXi_STIG_v2r1.audit from DISA VMware vSphere 8.0 ESXi STIG v2r1 | DISA VMware vSphere 8.0 ESXi STIG OS v2r1 | Unix | |