Download
| Alert*
CCE-28106-3
The Apache "LimitRequestline" directive should be configured appropriatley. CCE-28182-4 Apache's proxy_module should be enabled or disabled as appropriate. CCE-27499-3 All directories specified by DocumentRoot directives should be owned by the appropriate group. CCE-27438-1 The Apache User directive should be set correctly. CCE-27611-3 All directories specified by ScriptAliasMatch directives should be owned by the appropriate user. CCE-28035-4 Apache's /htdocs directory should be owned by the appropriate user. CCE-27789-7 Apache's status_module should be enabled or disabled as appropriate. CCE-28133-7 The Apache "MaxSpareServers" directive should be configured appropriately. CCE-27646-9 The Apache "LimitRequestFields" directive should be configured appropriately CCE-27814-3 The Apache "LogLevel" directive should be configured appropriately. CCE-28000-8 Anonymous sharing of Apache's web content directories with nfs should be configured appropriately. CCE-28069-3 Apache's configuration directory should be owned by the appropriate group. CCE-28046-1 The Unix permissions of Apache's /logs directory should be configred appropriately CCE-28084-2 The Unix permissions for all directories specified by ScriptAliasMatch directives should be configured appropriately. CCE-28118-8 The httpd.conf file should be owned by the appropriate user. CCE-28107-1 All directories specified by DocumentRoot directives should be owned by the appropriate user. CCE-28122-0 All readable Apache web document directories should have their default webpage configured appropriately. CCE-28183-2 The Apache "Includes" setting for all "Options" directives should be configured appropriately. CCE-27454-8 The ApacheErrorDocument directive should be set correctly for HTTP 404 errors. CCE-28059-4 The Unix permissions for all files specified by ErrorLog directives should be configured appropriately CCE-28013-1 The Unix permissions for all directories specified by ScriptAlias directives should be configured appropriately. CCE-27575-0 The Windows permissions for all directories specified by Alias directives should be configured appropriately. CCE-27957-0 The Unix permissions for all directories specified by ServerRoot directives should be configred appropriately CCE-27742-6 Apache's /bin directory should be owned by the appropriate user. CCE-28220-2 The Apache user account should be locked or unlocked as appropriate. CCE-27765-7 The Apache runtime rewriting engine should be enabled or disabled as appropriate. CCE-28157-6 The group membership of the Apache /usr/sbin/apachectl file should be set correctly. CCE-28111-3 Automatic directory indexing should be enabled or disabled as appropriate. CCE-27148-6 The Apache "KeepAlive" directive should be configured appropriately. CCE-27984-4 Apache's /htdocs directory should be owned by the appropriate group. CCE-28195-6 The requried permssions for the file %SystemRoot%\System32\wscript.exe should be assigned. CCE-28134-5 The Windows permissions for all directories specified by ServerRoot directives should be configred appropriately CCE-27647-7 All directories specified by ServerRoot directives should be owned by the appropriate group. CCE-27466-2 Apache's Scoreboard file's Windows permissions should be configured appropriately. CCE-28024-8 The ownership of the Apache /var/www/html file should be set correctly. CCE-27946-3 Web Distributed Authoring and Versioning (WebDav) dav_fs_module should be enabled or disabled as appropriate. CCE-27715-2 Apache's scoreboard file should be owned by the appropriate user. CCE-28119-6 Apache's configuration directory should be owned by the appropriate user. CCE-27346-6 The ownership of the Apache /usr/sbin/httpd file should be set correctly. CCE-27530-5 The ApacheErrorDocument directive should be set correctly for HTTP 500 errors. CCE-28165-9 The "Indexes" setting of the DocumentRoot should be enabled or disabled as appropriate. CCE-28188-1 The Windows permissions of Apache's /htdocs directory should be configred appropriately CCE-27847-3 The path for Apache sites error log files should be configured appropriately. CCE-28033-9 Anonymous sharing of Apache's web content directories should be configured appropriately. CCE-27933-1 All directories specified by Alias directives should be owned by the appropriate user. CCE-28010-7 The Apache access log file data should be configured to contain the appropriate data elements. CCE-28071-9 The htpasswd should be owned by the appropriate user. CCE-28056-0 The required permissions for the file %SystemRoot%\System32\cscript.exe should be assigned CCE-28104-8 The Apache SSLProtocol directive should be configured appropriately. CCE-27979-4 Apache's /logs directory should be owned by the appropriate group. CCE-28263-2 The Deny directive for the specified Directory directive should be configured appropriately. CCE-28070-1 The Apache AllowOverride Directive should be configured appropriately for operating system root directories. CCE-27835-8 All Apache's online manual should be available or removed as appropriate. CCE-27251-8 Anonymous sharing of Apache's web content directories with smb should be configured appropriately. CCE-28006-5 The Unix permissions of Apache's /bin directory should be configred appropriately CCE-27945-5 The group membership of the Apache /usr/sbin/httpd file should be set correctly. CCE-28067-7 Apache's proxy_connect_module should be enabled or disabled as appropriate. CCE-28252-5 The"MultiViews" setting of the DocumentRoot should be enabled or disabled as appropriate. CCE-28044-6 The Apache site's robots.txt should be configured to disallow paths and files as appropriate. CCE-27798-8 The Apache system logging should be configured appropriately. CCE-27737-6 The Apache "Indexes" setting for all "Options" directives should be configured appropriately. CCE-27907-5 The Apache "LimitRequestFieldSizeBody" directive should be configured appropriately. CCE-28120-4 Apache's process ID (PID) file's Unix permissions should be configured appropriately. CCE-28143-6 The Apache "Timeout" directive should be configured appropriately. CCE-27226-0 The Windows permissions for all directories specified by DocumentRoot directives should be configured appropriately. CCE-27846-5 Apache's proxy_http_module should be enabled or disabled as appropriate. CCE-28034-7 Apache's demo CGI printenv.pl should be available or removed as appropriate CCE-28057-8 The Apache ErrorDocument directive should be set correctly for HTTP 400 errors. CCE-27479-5 The Apache "StartServers" directive should be configured appropriately. CCE-28249-1 The group membership of the Apache /etc/httpd/conf.d file should be set correctly. CCE-27955-4 Apache's log_config_module should be enabled or disabled as appropriate. CCE-27748-3 The Apache "TraceEnable" directive should be configured appropriatley. CCE-28132-9 The ownership of the Apache /etc/httpd/conf.d file should be set correctly. CCE-28117-0 All directories specified by Alias directives should be owned by the appropriate group. CCE-27834-1 The permissions for the Apache/var/www/html file should be set correctly. CCE-27811-9 The Unix permissions for all directories specified by DocumentRoot directives should be configured appropriately. CCE-27188-2 The Apache "MaxClients" directive should be configured appropriately. CCE-27967-9 The file permissions for all files specified by CustomLog directives should be configured appropriately CCE-28068-5 Apache's /cgi-bin directory should be owned by the appropriate user. CCE-28007-3 The maximum password age setting for Apache's service account should be configured appropriately. CCE-28045-3 testcgi should be installed as appropriate. CCE-27982-8 The Apache "ExecCGI" setting for all "Options" directives for the OS root should be configured appropriately. CCE-27906-7 All files specified by CustomLog directives should be owned by the appropriate user CCE-28230-1 The permissions for the Apache /usr/sbin/apachectl file should be set correctly. CCE-28102-2 The Order directive for the OS root should be configured appropriately. CCE-27762-4 The Apache "Indexes" setting for all "Options" directives for the OS root should be configured appropriately. CCE-28080-0 The "IncludesNOEXEC" setting of the DocumentRoot should be enabled or disabled as appropriate. CCE-28163-4 The ScriptAlias for the specified directory should be configured appropriately. CCE-27653-5 The"Includes" setting of the DocumentRoot should be enabled or disabled as appropriate. CCE-27419-1 Apache's listening port should be configured appropriately. CCE-28200-4 Apache's info_module should be enabled or disabled as appropriate. CCE-27981-0 The htpasswd file should be owned by the appropriate group. CCE-28092-5 The Apache AddHandler directive should be configured appropriately. CCE-28152-7 Apache's listening IP address should be configured appropriately. CCE-27871-3 All directories specified by ServerRoot directives should be owned by the appropriate user. CCE-28235-0 The Apache Group directive should be set correctly. CCE-27894-5 The ApacheErrorDocument directive should be set correctly for HTTP 401 errors. CCE-28137-8 Apache's ssl_module should be enabled or disabled as appropriate. CCE-27989-3 The Apache "MinSpareServers" directive should be configured appropriately. CCE-28114-7 The Windows permissions for all directories specified by ScriptAlias directives should be configured appropriately. CCE-28042-0 The Windows permissions for all files specified by ErrorLog directives should be configured appropriately CCE-28126-1 Apache's /logs directory should be owned by the appropriate user. CCE-27281-5 The permissions for the Apache /etc/httpd/conf.d file should be set correctly. CCE-28187-3 The ownership of log files in Apache /var/log/httpd/ should be set correctly. CCE-27976-0 All files specified by CustomLog directives should be owned by the appropriate group CCE-27821-8 The Apache "ServerTokens" directive should be configured appropriately. CCE-28141-0 All directories specified by ScriptAlias directives should be owned by the appropriate user. CCE-27412-6 The Windows permissions for all files specified by CustomLog directives should be configured appropriately CCE-27938-0 The Apache "KeepAliveTimeout" directive should be configured appropriately. CCE-28224-4 The ownership of the Apache /etc/httpd/conf/passwd file should be set correctly. CCE-27769-9 The Apache "SymLinksIfOwnerMatch" setting for all "Options" directives for the OS root should be configured appropriately. CCE-28055-2 The Unix permissions of Apache's configuration directory should be configred appropriately CCE-27999-2 Apache's Scoreboard file's Unix permissions should be configured appropriately. CCE-27953-9 The ApacheErrorDocument directive should be set correctly for HTTP 403 errors. CCE-27980-2 The Apache SSLEngine directive should be configured appropriately. CCE-27795-4 The Unix permissions of Apache's htpasswd file should be configured appropriately. CCE-28115-4 The Unix permissions of Apache's /cgi-bin directory should be configred appropriately CCE-27628-7 Access to Apache's httpd.conf file should be configured appropriately. CCE-27643-6 The Unix permissions of Apache's /htdocs directory should be configred appropriately CCE-27605-5 The Windows permissions for all directories specified by ScriptAliasMatch directives should be configured appropriately. CCE-28005-7 The Windows permissions of Apache's /logs directory should be configred appropriately CCE-28191-5 The Apache user account should be allowed root privileges as appropriate. CCE-27927-3 The ApacheErrorDocument directive should be set correctly for HTTP 405 errors. CCE-28066-9 The Apache "FollowSymLinks" setting for all "Options" directives should be configured appropriately. CCE-28259-0 The group membership of the Apache /var/www/html file should be set correctly. CCE-27620-4 The Unix permissions for all directories specified by Alias directives should be configured appropriately. CCE-28020-6 All directories specified by ScriptAlias directives should be owned by the appropriate group. CCE-28089-1 The Apache "LimitRequestBody" directive should be configured appropriately. CCE-27783-0 The Apache ServerSignature directive should be set appropriately. CCE-27952-1 The httpd.conf file should be owned by the appropriate group. CCE-27975-2 The Apache Server Administrator email address should be set correctly. CCE-28100-6 The Apache "MultiViews" setting for all "Options" directives should be configured appropriately. CCE-28229-3 The location of the Apache htpasswd file should be set correctly. CCE-27990-1 The Windows permissions of Apache's htpasswd.exe file(s) should be configured appropriately. CCE-27889-5 All files specified by ErrorLog directives should be owned by the appropriate group CCE-27670-9 Apache's process ID (PID) file should be owned by the appropriate group. CCE-28037-0 The Apache "IncludesNoExec" setting for all "Options" directives for the OS root should be configured appropriately. CCE-27914-1 Apache's /bin directory should be owned by the appropriate group. CCE-28206-1 The Apache "MultiViews" setting for all "Options" directives for the OS root should be configured appropriately. CCE-28075-0 Apache's proxy_ftp_module should be enabled or disabled as appropriate. CCE-27572-7 The Allow Directive for the OS root should be configured appropriately CCE-28146-9 All directories specified by ScriptAliasMatch directives should be owned by the appropriate group. CCE-27816-8 The Apache web server be run with the appropriate privileges. CCE-28090-9 The Apache AllowOverride directive should be configured appropriately for web site root directories. CCE-28173-3 The Allow directive for the specified Directory directive should be configured appropriately. CCE-27606-3 Apache's scoreboard (PID) file should be owned by the appropriate group. CCE-28025-5 The Apache Action directive shoud be configured appropriately. CCE-28210-3 The permissions for the Apache /usr/sbin/httpd file should be set correctly. CCE-28002-4 The group membership of the Apache /etc/httpd/conf/passwd file should be set correctly. CCE-27490-2 File permissions for httpd.conf should be set correctly. CCE-27827-5 User-specific directories should be enabled or disabled as appropriate. CCE-28101-4 The Apache "IncludesNoExec" setting for all "Options" directives should be configured appropriately. CCE-27207-0 Web Distributed Authoring and Versioning (WebDav) dav_module should be enabled or disabled as appropriate. CCE-27888-7 All files specified by ErrorLog directives should be owned by the appropriate user CCE-28038-8 Apache's process ID (PID) file should be owned by the appropriate user. CCE-28260-8 The "FollowSymLinks" setting of the DocumentRoot should be enabled or disabled as appropriate. CCE-28030-5 Apache's /cgi-bin directory should be owned by the appropriate group. CCE-28147-7 The Windows permissions of Apache's /bin directory should be configred appropriately CCE-28159-2 The permissions for the Apache /etc/httpd/conf/passwd file should be set correctly. CCE-28091-7 Permitted HTTP request methods should be configured appropriately. CCE-28151-9 The group membership of any Apache files in /var/log/httpd/ should be set correctly. CCE-27271-6 The Windows permissions of Apache's /config directory should be configred appropriately CCE-28211-1 The ownership of the Apache /usr/sbin/apachectl file should be set correctly. CCE-27645-1 The permissions of any Apache files in /var/log/httpd/ should be set correctly. CCE-28003-2 The group membership of the Apache user account should be set correctly. CCE-27853-1 The Deny Directive for the OS root should be configured appropriately CCE-27660-0 The Apachce "MaxKeepAliveRequests" directive should be configured appropriately. CCE-27732-7 Apache's process ID (PID) file's Windows permissions should be configured appropriately. CCE-28064-4 The Apache "Includes" setting for all "Options" directives for the OS root should be configured appropriately. CCE-28113-9 The Apache "FollowSymLinks" setting for all "Options" directives for the OS root should be configured appropriately. |