STIGQter: STIG Summary: APACHE 2.2 Server for UNIX Security Technical Implementation Guide Version: 1 Release: 11 Benchmark Date: 25 Jan 2019:

The KeepAlive directive must be enabled.

DISA Rule

SV-32844r2_rule

Vulnerability Number

V-13725

Group Title

WA000-WWA022

Rule Version

WA000-WWA022 A22

Severity

CAT II

CCI(s)

• CCI-000366 - The organization implements the security configuration settings.

Weight

10

Fix Recommendation

Edit the httpd.conf file and set the value of "KeepAlive" to "On"

Check Contents

To view the KeepAlive value enter the following command:

grep "KeepAlive" /usr/local/apache2/conf/httpd.conf.

Verify the Value of KeepAlive is set to “On” If not, this is a finding.

NOTE: This vulnerability can be documented locally with the ISSM/ISSO if the site has operational reasons for not using persistent connections. If the site has this documentation, this should be marked as Not a Finding.

Vulnerability Number

V-13725

Documentable

False

Rule Version

WA000-WWA022 A22

Severity Override Guidance

To view the KeepAlive value enter the following command:

grep "KeepAlive" /usr/local/apache2/conf/httpd.conf.

Verify the Value of KeepAlive is set to “On” If not, this is a finding.

NOTE: This vulnerability can be documented locally with the ISSM/ISSO if the site has operational reasons for not using persistent connections. If the site has this documentation, this should be marked as Not a Finding.

Check Content Reference

M

Responsibility

Web Administrator

Target Key

158

Comments