STIGQter: STIG Summary: Apache Server 2.4 UNIX Site Security Technical Implementation Guide Version: 2 Release: 1 Benchmark Date: 22 Jan 2021: STIGQter: STIG Summary: Apache Server 2.4 UNIX Site Security Technical Implementation Guide Version: 2 Release: 1 Benchmark Date: 22 Jan 2021:SV-214283r612241_rule
V-214283
SRG-APP-000141-WSR-000083
AS24-U2-000320
CAT II
10
Determine the location of the "HTTPD_ROOT" directory and the "httpd.conf" file:
# httpd -V | egrep -i 'httpd_root|server_config_file'
-D HTTPD_ROOT="/etc/httpd"
-D SERVER_CONFIG_FILE="conf/httpd.conf"
Disable MIME types for .exe, .dll, .com, .bat, and .csh programs.
If "Action" or "AddHandler" exist and they configure .exe, .dll, .com, .bat, or .csh, remove those references.
Restart Apache: apachectl restart
Ensure this process is documented and approved by the ISSO.
Determine the location of the "HTTPD_ROOT" directory and the "httpd.conf" file:
# httpd -V | egrep -i 'httpd_root|server_config_file'
-D HTTPD_ROOT="/etc/httpd"
-D SERVER_CONFIG_FILE="conf/httpd.conf"
If "Action" or "AddHandler" exist and they configure .exe, .dll, .com, .bat, or .csh, or any other shell as a viewer for documents, this is a finding.
If this is not documented and approved by the Information System Security Officer (ISSO), this is a finding.
V-214283
False
AS24-U2-000320
Determine the location of the "HTTPD_ROOT" directory and the "httpd.conf" file:
# httpd -V | egrep -i 'httpd_root|server_config_file'
-D HTTPD_ROOT="/etc/httpd"
-D SERVER_CONFIG_FILE="conf/httpd.conf"
If "Action" or "AddHandler" exist and they configure .exe, .dll, .com, .bat, or .csh, or any other shell as a viewer for documents, this is a finding.
If this is not documented and approved by the Information System Security Officer (ISSO), this is a finding.
M
3997