STIGQter: STIG Summary: Apache Server 2.4 UNIX Server Security Technical Implementation Guide Version: 2 Release: 2 Benchmark Date: 22 Jan 2021: STIGQter: STIG Summary: Apache Server 2.4 UNIX Server Security Technical Implementation Guide Version: 2 Release: 2 Benchmark Date: 22 Jan 2021:SV-214236r612240_rule
V-214236
SRG-APP-000119-WSR-000069
AS24-U1-000190
CAT II
10
Determine the location of the "ErrorLog" directory in the "httpd.conf" file:
# httpd -V | egrep -i 'httpd_root|server_config_file'
-D HTTPD_ROOT="/etc/httpd"
-D SERVER_CONFIG_FILE="conf/httpd.conf"
Open the "httpd.conf" file.
Look for the "ErrorLog" directive.
Ensure the permissions and ownership of all files in the Apache log directory are correct by executing the following commands as an administrative service account:
# chown <'service account'> <'ErrorLog directive PATH'>/*
Verify the log information from the web server must be protected from unauthorized modification.
Review the web server documentation and deployed configuration settings to determine if the web server logging features protect log information from unauthorized modification.
Review file system settings to verify the log files have secure file permissions. Run the following command:
ls -l <'INSTALL PATH'>/logs
If the web server log files present are owned by anyone other than an administrative service account this is a finding.
V-214236
False
AS24-U1-000190
Verify the log information from the web server must be protected from unauthorized modification.
Review the web server documentation and deployed configuration settings to determine if the web server logging features protect log information from unauthorized modification.
Review file system settings to verify the log files have secure file permissions. Run the following command:
ls -l <'INSTALL PATH'>/logs
If the web server log files present are owned by anyone other than an administrative service account this is a finding.
M
3996