Download
| Alert*
CCE-27785-5
The "ExecCGI" setting of the DocumentRoot should be enabled or disabled as appropriate. CCE-27321-9 The Deny Directive for the OS root should be configured appropriately CCE-28125-3 The Order directive for all DocumentRoot directives should be configured appropriately. CCE-27803-6 The Apache Server Administrator email address should be set correctly. CCE-27958-8 The group membership of the Apache /etc/httpd/conf.d file should be set correctly. CCE-27701-2 The Apache AllowOverride directive should be configured appropriately for web site root directories. CCE-27939-8 The Apache Group directive should be set correctly. CCE-27916-6 The Apache "MaxSpareServers" directive should be configured appropriately. CCE-27977-8 The Windows permissions for all files specified by ErrorLog directives should be configured appropriately CCE-27962-0 The Apache "LimitRequestFields" directive should be configured appropriately CCE-27484-5 The "Indexes" setting of the DocumentRoot should be enabled or disabled as appropriate. CCE-28008-1 The Apache "LimitRequestline" directive should be configured appropriatley. CCE-28004-0 The path for Apache sites error log files should be configured appropriately. CCE-27924-0 The Apache user account should be locked or unlocked as appropriate. CCE-28027-1 File permissions for httpd.conf should be set correctly. CCE-27582-6 Apache's demo CGI printenv.pl should be available or removed as appropriate CCE-27905-9 Apache's configuration directory should be owned by the appropriate group. CCE-27502-4 The htpasswd should be owned by the appropriate user. CCE-27739-2 The Apache system logging should be configured appropriately. CCE-27537-0 The permissions of any Apache files in /var/log/httpd/ should be set correctly. CCE-27802-8 The location of the Apache htpasswd file should be set correctly. CCE-27867-1 The ApacheErrorDocument directive should be set correctly for HTTP 403 errors. CCE-27654-3 The Apache "MinSpareServers" directive should be configured appropriately. CCE-27863-0 The Apache "ServerTokens" directive should be configured appropriately. CCE-27991-9 The "IncludesNOEXEC" setting of the DocumentRoot should be enabled or disabled as appropriate. CCE-27784-8 The Allow Directive for the OS root should be configured appropriately CCE-27136-1 The ownership of the Apache /usr/sbin/apachectl file should be set correctly. CCE-27942-2 The Apache User directive should be set correctly. CCE-27874-7 The"Includes" setting of the DocumentRoot should be enabled or disabled as appropriate. CCE-28028-9 The ownership of log files in Apache /var/log/httpd/ should be set correctly. CCE-27832-5 The group membership of the Apache /usr/sbin/httpd file should be set correctly. CCE-28009-9 The Windows permissions for all files specified by CustomLog directives should be configured appropriately CCE-27489-4 Access to Apache's httpd.conf file should be configured appropriately. CCE-27855-6 The Apache access log file data should be configured to contain the appropriate data elements. CCE-28001-6 The htpasswd file should be owned by the appropriate group. CCE-27923-2 testcgi should be installed as appropriate. CCE-27988-5 The group membership of the Apache /usr/sbin/apachectl file should be set correctly. CCE-27969-5 The Apache "KeepAlive" directive should be configured appropriately. CCE-27632-9 The permissions for the Apache /usr/sbin/apachectl file should be set correctly. CCE-27071-0 The Order directive for the OS root should be configured appropriately. CCE-27805-1 The Apache "LogLevel" directive should be configured appropriately. CCE-28018-0 The Apache "LimitRequestBody" directive should be configured appropriately. CCE-27885-3 The "FollowSymLinks" setting of the DocumentRoot should be enabled or disabled as appropriate. CCE-27956-2 The permissions for the Apache /etc/httpd/conf.d file should be set correctly. CCE-27790-5 The Apache "Timeout" directive should be configured appropriately. CCE-27147-8 The httpd.conf file should be owned by the appropriate user. CCE-27960-4 The Apache ErrorDocument directive should be set correctly for HTTP 400 errors. CCE-28116-2 The Order directive for the specified Directory directive should be configured appropriately. CCE-27949-7 The Unix permissions of Apache's htpasswd file should be configured appropriately. CCE-27561-0 The ownership of the Apache /var/www/html file should be set correctly. CCE-27896-0 The Apache ServerSignature directive should be set appropriately. CCE-27983-6 The Apache user account should be allowed root privileges as appropriate. CCE-28139-4 The Apache "StartServers" directive should be configured appropriately. CCE-27987-7 Permitted HTTP request methods should be configured appropriately. CCE-27264-1 The Apache "MaxClients" directive should be configured appropriately. CCE-27970-3 The ownership of the Apache /etc/httpd/conf.d file should be set correctly. CCE-27036-3 The ownership of the Apache /etc/httpd/conf/passwd file should be set correctly. CCE-27951-3 The ApacheErrorDocument directive should be set correctly for HTTP 404 errors. CCE-27475-3 The group membership of the Apache user account should be set correctly. CCE-28019-8 The Unix permissions of Apache's configuration directory should be configred appropriately CCE-27656-8 The"MultiViews" setting of the DocumentRoot should be enabled or disabled as appropriate. CCE-27823-4 The Apache AllowOverride Directive should be configured appropriately for operating system root directories. CCE-27804-4 The group membership of the Apache /etc/httpd/conf/passwd file should be set correctly. CCE-27932-3 The ownership of the Apache /usr/sbin/httpd file should be set correctly. CCE-27592-5 The Deny directive for the specified Directory directive should be configured appropriately. CCE-27997-6 The permissions for the Apache/var/www/html file should be set correctly. CCE-27324-3 The Apache runtime rewriting engine should be enabled or disabled as appropriate. CCE-28109-7 The httpd.conf file should be owned by the appropriate group. CCE-27770-7 The group membership of the Apache /var/www/html file should be set correctly. CCE-27797-0 The Apache "KeepAliveTimeout" directive should be configured appropriately. CCE-27025-6 The Apache "LimitRequestFieldSizeBody" directive should be configured appropriately. CCE-27902-6 The permissions for the Apache /usr/sbin/httpd file should be set correctly. CCE-28026-3 The ApacheErrorDocument directive should be set correctly for HTTP 500 errors. CCE-27929-9 The permissions for the Apache /etc/httpd/conf/passwd file should be set correctly. CCE-27755-8 The group membership of any Apache files in /var/log/httpd/ should be set correctly. CCE-27505-7 The Allow directive for the specified Directory directive should be configured appropriately. CCE-27713-7 Apache's configuration directory should be owned by the appropriate user. CCE-27963-8 The ApacheErrorDocument directive should be set correctly for HTTP 405 errors. CCE-27029-8 The ApacheErrorDocument directive should be set correctly for HTTP 401 errors. |