STIGQter: STIG Summary: APACHE 2.2 Server for UNIX Security Technical Implementation Guide Version: 1 Release: 11 Benchmark Date: 25 Jan 2019: STIGQter: STIG Summary: APACHE 2.2 Server for UNIX Security Technical Implementation Guide Version: 1 Release: 11 Benchmark Date: 25 Jan 2019:SV-36649r2_rule
V-13730
WA000-WWA032
WA000-WWA032 A22
CAT II
10
Open the httpd.conf file with an editor and search for the following directive:
MaxClients
Set the directive to a value of 256 or less, add the directive if it does not exist.
It is recommended that the directive be explicitly set to prevent unexpected results if the defaults change with updated software.
Open the httpd.conf file with an editor and search for the following directive:
MaxClients
The value needs to be 256 or less
If the directive is set improperly, this is a finding.
If the directive does not exist, this is NOT a finding because it will default to 256. It is recommended that the directive be explicitly set to prevent unexpected results if the defaults change with updated software.
NOTE: This vulnerability can be documented locally with the ISSM/ISSO if the site has operational reasons for the use of increased value. If the site has this documentation, this should be marked as Not a Finding.
V-13730
False
WA000-WWA032 A22
Open the httpd.conf file with an editor and search for the following directive:
MaxClients
The value needs to be 256 or less
If the directive is set improperly, this is a finding.
If the directive does not exist, this is NOT a finding because it will default to 256. It is recommended that the directive be explicitly set to prevent unexpected results if the defaults change with updated software.
NOTE: This vulnerability can be documented locally with the ISSM/ISSO if the site has operational reasons for the use of increased value. If the site has this documentation, this should be marked as Not a Finding.
M
Web Administrator
158