STIGQter: STIG Summary: APACHE 2.2 Site for Windows Security Technical Implementation Guide Version: 1 Release: 13 Benchmark Date: 25 Jan 2019:

The number of allowed simultaneous requests must be set.

DISA Rule

SV-33105r2_rule

Vulnerability Number

V-2240

Group Title

WG110

Rule Version

WG110 W22

Severity

CAT II

CCI(s)

• CCI-000366 - The organization implements the security configuration settings.

Weight

10

Fix Recommendation

Set the MaxKeepAliveRequests directive to 100 or greater.

Check Contents

NOTE: This setting must be explicitly set.

Locate the Apache httpd.conf file.

If unable to locate the file, perform a search of the system to find the location of the file.

Open the httpd.conf file with an editor such as notepad, and search for the following uncommented directive: MaxKeepAliveRequests

Every enabled MaxKeepAliveRequests value needs to be 100 or greater. If any directive is less than 100, this is a finding.

Vulnerability Number

V-2240

Documentable

False

Rule Version

WG110 W22

Severity Override Guidance

NOTE: This setting must be explicitly set.

Locate the Apache httpd.conf file.

If unable to locate the file, perform a search of the system to find the location of the file.

Open the httpd.conf file with an editor such as notepad, and search for the following uncommented directive: MaxKeepAliveRequests

Every enabled MaxKeepAliveRequests value needs to be 100 or greater. If any directive is less than 100, this is a finding.

Check Content Reference

M

Responsibility

Web Administrator

Target Key

161

Comments