STIGQter: STIG Summary: APACHE 2.2 Site for Windows Security Technical Implementation Guide Version: 1 Release: 13 Benchmark Date: 25 Jan 2019:

Each readable web document directory must contain either a default, home, index, or equivalent file.

DISA Rule

SV-33107r1_rule

Vulnerability Number

V-2245

Group Title

WG170

Rule Version

WG170 W22

Severity

CAT III

CCI(s)

• CCI-000366 - The organization implements the security configuration settings.

Weight

10

Fix Recommendation

Add a default document to the applicable directories.

Check Contents

Locate the Apache httpd.conf file.

If unable to locate the file, perform a search of the system to find the location of the file.

Open the httpd.conf file with an editor such as notepad, and search for the following uncommented directive: DocumentRoot

Note the name of the DocumentRoot directory.

Review the results for each document root directory and its subdirectories. If a directory does not contain an index.html or equivalent default document, this is a finding.

Vulnerability Number

V-2245

Documentable

False

Rule Version

WG170 W22

Severity Override Guidance

Locate the Apache httpd.conf file.

If unable to locate the file, perform a search of the system to find the location of the file.

Open the httpd.conf file with an editor such as notepad, and search for the following uncommented directive: DocumentRoot

Note the name of the DocumentRoot directory.

Review the results for each document root directory and its subdirectories. If a directory does not contain an index.html or equivalent default document, this is a finding.

Check Content Reference

M

Responsibility

Web Administrator

Target Key

161

Comments