SV-99507r1_rule
V-88857
SRG-APP-000098-WSR-000060
VROM-TC-000215
CAT II
10
Navigate to and open /usr/lib/vmware-vcops/tomcat-web-app/conf/server.xml.
Navigate to and locate <Host>.
Configure the <Host> node with the <RemoteIpValve> below.
Note: The “RemoteIpValve” should be configured as follows:
<Valve className="org.apache.catalina.valves.RemoteIpValve"
remoteIpHeader="x-forwarded-for"
remoteIpProxiesHeader="x-forwarded-by"
internalProxies=".*"
protocolHeader="x-forwarded-proto" />
At the command prompt, execute the following command:
grep -v 127.0 /storage/log/vcops/log/product-ui/localhost_access_log.YYYY-MM-dd.txt
Note: Substitute the actual date in the file name.
If actual client IP information, not load balancer or proxy server, is not being recorded, this is a finding.
V-88857
False
VROM-TC-000215
At the command prompt, execute the following command:
grep -v 127.0 /storage/log/vcops/log/product-ui/localhost_access_log.YYYY-MM-dd.txt
Note: Substitute the actual date in the file name.
If actual client IP information, not load balancer or proxy server, is not being recorded, this is a finding.
M
3441