SV-78617r1_rule
V-64127
SRG-APP-000001-WSR-000001
OH12-1X-000003
CAT II
10
1. Open $DOMAIN_HOME/config/fmwconfig/components/OHS/<componentName>/httpd.conf with an editor.
2. Search for the "MaxClients" directive within "<IfModule mpm_worker_module>" directive at the OHS server configuration scope.
3. Within the "<IfModule mpm_worker_module>" directive, set the "MaxClients" directive to "2000" or less, add the directive if it does not exist.
Note: This vulnerability can be documented locally with the ISSM/ISSO if the site has operational reasons for the use of a higher value.
1. Open the $DOMAIN_HOME/config/fmwconfig/components/OHS/<componentName>/httpd.conf file with an editor.
2. Search for the "MaxClients" directive within "<IfModule mpm_worker_module>" directive at the OHS server configuration scope.
3. If "MaxClients" is omitted or set greater than "2000", this is a finding.
Note: This vulnerability can be documented locally with the ISSM/ISSO if the site has operational reasons for the use of a higher value. If the site has this documentation, this should be marked as not a finding.
V-64127
False
OH12-1X-000003
1. Open the $DOMAIN_HOME/config/fmwconfig/components/OHS/<componentName>/httpd.conf file with an editor.
2. Search for the "MaxClients" directive within "<IfModule mpm_worker_module>" directive at the OHS server configuration scope.
3. If "MaxClients" is omitted or set greater than "2000", this is a finding.
Note: This vulnerability can be documented locally with the ISSM/ISSO if the site has operational reasons for the use of a higher value. If the site has this documentation, this should be marked as not a finding.
M
2753