SV-28798r2_rule
V-2260
WG310
WG310 W22
CAT II
10
Remove the robots.txt file from the web site. If there is information on the web site that needs protection from search engines and public view, then other methods must be used to safeguard the data.
Locate the Apache httpd.conf file.
If unable to locate the file, perform a search of the system to find the location of the file.
Open the httpd.conf file with an editor and search for the following uncommented directives: DocumentRoot & Alias
Navigate to the location(s) specified in the Include statement(s), and review each file for the following uncommented directives: DocumentRoot & Alias
At the top level of the directories identified after the enabled DocumentRoot & Alias directives, verify that a “robots.txt” file does not exist. If the file does exist, this is a finding.
V-2260
False
WG310 W22
Locate the Apache httpd.conf file.
If unable to locate the file, perform a search of the system to find the location of the file.
Open the httpd.conf file with an editor and search for the following uncommented directives: DocumentRoot & Alias
Navigate to the location(s) specified in the Include statement(s), and review each file for the following uncommented directives: DocumentRoot & Alias
At the top level of the directories identified after the enabled DocumentRoot & Alias directives, verify that a “robots.txt” file does not exist. If the file does exist, this is a finding.
M
Web Administrator
161