STIGQter: STIG Summary: Apache Server 2.4 UNIX Server Security Technical Implementation Guide Version: 2 Release: 2 Benchmark Date: 22 Jan 2021: STIGQter: STIG Summary: Apache Server 2.4 UNIX Server Security Technical Implementation Guide Version: 2 Release: 2 Benchmark Date: 22 Jan 2021:SV-214235r612240_rule
V-214235
SRG-APP-000118-WSR-000068
AS24-U1-000180
CAT II
10
To protect the integrity of the data that is being captured in the log files, ensure that only the members of the Auditors group, Administrators, and the user assigned to run the web server software is granted permissions to read the log files.
Determine the location of the "HTTPD_ROOT" directory and the "httpd.conf" file:
# httpd -V | egrep -i 'httpd_root|server_config_file'
-D HTTPD_ROOT="/etc/httpd"
-D SERVER_CONFIG_FILE="conf/httpd.conf"
Review the log file location.
To determine permissions for log files, from the command line, navigate to the directory where the log files are located and enter the following command:
ls -alH <HTTPD_ROOT>/log*
Note the owner and group permissions on these files. Only system administrators and service accounts running the server should have permissions to the files.
If any users other than those authorized have read access to the log files, this is a finding.
V-214235
False
AS24-U1-000180
Determine the location of the "HTTPD_ROOT" directory and the "httpd.conf" file:
# httpd -V | egrep -i 'httpd_root|server_config_file'
-D HTTPD_ROOT="/etc/httpd"
-D SERVER_CONFIG_FILE="conf/httpd.conf"
Review the log file location.
To determine permissions for log files, from the command line, navigate to the directory where the log files are located and enter the following command:
ls -alH <HTTPD_ROOT>/log*
Note the owner and group permissions on these files. Only system administrators and service accounts running the server should have permissions to the files.
If any users other than those authorized have read access to the log files, this is a finding.
M
3996