Download
| Alert*
CCE-27826-7
All directories specified by ServerRoot directives should be owned by the appropriate group. CCE-27619-6 The Unix permissions for all directories specified by ScriptAliasMatch directives should be configured appropriately. CCE-27781-4 The Apache user account should be locked or unlocked as appropriate. CCE-27841-6 The group membership of the Apache /var/www/html file should be set correctly. CCE-27657-6 The Apache "Indexes" setting for all "Options" directives should be configured appropriately. CCE-27887-9 Apache's proxy_balancer_module should be enabled or disabled as appropriate. CCE-27864-8 The Unix permissions for all files specified by ErrorLog directives should be configured appropriately CCE-27935-6 The ownership of the Apache /usr/sbin/apachectl file should be set correctly. CCE-27382-1 The "Indexes" setting of the DocumentRoot should be enabled or disabled as appropriate. CCE-27672-5 All directories specified by Alias directives should be owned by the appropriate user. CCE-27246-8 Apache's listening port should be configured appropriately. CCE-27415-9 The Allow Directive for the OS root should be configured appropriately CCE-27705-3 The Windows permissions for all directories specified by ScriptAliasMatch directives should be configured appropriately. CCE-27306-0 The Windows permissions of Apache's /logs directory should be configred appropriately CCE-27536-2 The Apache AllowOverride Directive should be configured appropriately for operating system root directories. CCE-27777-2 All directories specified by ScriptAlias directives should be owned by the appropriate group. CCE-27540-4 The Unix permissions of Apache's /logs directory should be configred appropriately CCE-26955-5 The group membership of the Apache /usr/sbin/apachectl file should be set correctly. CCE-27837-4 The permissions for the Apache /etc/httpd/conf/passwd file should be set correctly. CCE-27852-3 Apache's info_module should be enabled or disabled as appropriate. CCE-27890-3 The httpd.conf file should be owned by the appropriate user. CCE-27684-0 The Deny Directive for the OS root should be configured appropriately CCE-27548-7 All directories specified by ServerRoot directives should be owned by the appropriate user. CCE-27126-2 Apache's Scoreboard file's Unix permissions should be configured appropriately. CCE-27332-6 The htpasswd should be owned by the appropriate user. CCE-27901-8 The permissions for the Apache /usr/sbin/apachectl file should be set correctly. CCE-27825-9 Apache's proxy_module should be enabled or disabled as appropriate. CCE-27780-6 Access to Apache's httpd.conf file should be configured appropriately. CCE-27492-8 All directories specified by DocumentRoot directives should be owned by the appropriate user. CCE-27848-1 The Apache "MaxClients" directive should be configured appropriately. CCE-27840-8 The Windows permissions for all directories specified by DocumentRoot directives should be configured appropriately. CCE-27911-7 The Unix permissions of Apache's /bin directory should be configred appropriately CCE-27919-0 Apache's /cgi-bin directory should be owned by the appropriate user. CCE-27612-1 Anonymous sharing of Apache's web content directories with smb should be configured appropriately. CCE-27696-4 Apache's process ID (PID) file's Unix permissions should be configured appropriately. CCE-27788-9 Apache's proxy_ftp_module should be enabled or disabled as appropriate. CCE-27598-2 The required permissions for the file %SystemRoot%\System32\cscript.exe should be assigned CCE-27273-2 The group membership of the Apache /usr/sbin/httpd file should be set correctly. CCE-27859-8 Apache's scoreboard (PID) file should be owned by the appropriate group. CCE-27753-3 The requried permssions for the file %SystemRoot%\System32\wscript.exe should be assigned. CCE-27791-3 The Apache ErrorDocument directive should be set correctly for HTTP 400 errors. CCE-27481-1 The Unix permissions of Apache's htpasswd file should be configured appropriately. CCE-27897-8 The "ExecCGI" setting of the DocumentRoot should be enabled or disabled as appropriate. CCE-27601-4 The group membership of the Apache /etc/httpd/conf.d file should be set correctly. CCE-27813-5 The Windows permissions of Apache's /htdocs directory should be configred appropriately CCE-27685-7 Apache's /bin directory should be owned by the appropriate group. CCE-27851-5 Apache's process ID (PID) file should be owned by the appropriate user. CCE-27776-4 Permitted HTTP request methods should be configured appropriately. CCE-27799-6 The Windows permissions for all directories specified by ScriptAlias directives should be configured appropriately. CCE-27240-1 The Windows permissions of Apache's /config directory should be configred appropriately CCE-27787-1 The Unix permissions for all directories specified by ServerRoot directives should be configred appropriately CCE-27576-8 The Apache SSLEngine directive should be configured appropriately. CCE-27764-0 The Apache "Includes" setting for all "Options" directives should be configured appropriately. CCE-27824-2 Apache's proxy_ajp_module should be enabled or disabled as appropriate CCE-27910-9 The ApacheErrorDocument directive should be set correctly for HTTP 401 errors. CCE-27862-2 Apache's listening IP address should be configured appropriately. CCE-27384-7 All directories specified by ScriptAliasMatch directives should be owned by the appropriate group. CCE-27741-8 The Apache "LimitRequestFields" directive should be configured appropriately CCE-27599-0 The Windows permissions of Apache's htpasswd.exe file(s) should be configured appropriately. CCE-27648-5 The httpd.conf file should be owned by the appropriate group. CCE-27873-9 The htpasswd file should be owned by the appropriate group. CCE-27602-2 Apache's /logs directory should be owned by the appropriate group. CCE-27686-5 The Apache web server be run with the appropriate privileges. CCE-27357-3 Apache's status_module should be enabled or disabled as appropriate. CCE-27714-5 The ownership of log files in Apache /var/log/httpd/ should be set correctly. CCE-27740-0 The Apache SSLProtocol directive should be configured appropriately. CCE-27531-3 The Apache "TraceEnable" directive should be configured appropriatley. CCE-26965-4 The Allow directive for the specified Directory directive should be configured appropriately. CCE-27800-2 Apache's configuration directory should be owned by the appropriate group. CCE-27494-4 All files specified by ErrorLog directives should be owned by the appropriate group CCE-27884-6 All directories specified by ScriptAliasMatch directives should be owned by the appropriate user. CCE-27456-3 The Apache "KeepAlive" directive should be configured appropriately. CCE-27861-4 Web Distributed Authoring and Versioning (WebDav) dav_fs_module should be enabled or disabled as appropriate. CCE-27516-4 The Apache AllowOverride directive should be configured appropriately for web site root directories. CCE-27554-5 The Apache "LimitRequestFieldSizeBody" directive should be configured appropriately. CCE-27819-2 Apache's Scoreboard file's Windows permissions should be configured appropriately. CCE-27566-9 The Apache Group directive should be set correctly. CCE-27067-8 The Apache "ExecCGI" setting for all "Options" directives for the OS root should be configured appropriately. CCE-27460-5 All directories specified by Alias directives should be owned by the appropriate group. CCE-27422-5 The group membership of any Apache files in /var/log/httpd/ should be set correctly. CCE-27944-8 The"MultiViews" setting of the DocumentRoot should be enabled or disabled as appropriate. CCE-27872-1 Apache's ssl_module should be enabled or disabled as appropriate. CCE-27664-2 All directories specified by DocumentRoot directives should be owned by the appropriate group. CCE-27699-8 Apache's /htdocs directory should be owned by the appropriate user. CCE-27759-0 Automatic directory indexing should be enabled or disabled as appropriate. CCE-27868-9 The maximum password age setting for Apache's service account should be configured appropriately. CCE-27302-9 The ownership of the Apache /etc/httpd/conf/passwd file should be set correctly. CCE-27883-8 The Apache ServerSignature directive should be set appropriately. CCE-27822-6 The path for Apache sites error log files should be configured appropriately. CCE-27845-7 Apache's process ID (PID) file's Windows permissions should be configured appropriately. CCE-27709-5 Apache's /bin directory should be owned by the appropriate user. CCE-27400-1 The file permissions for all files specified by CustomLog directives should be configured appropriately CCE-27860-6 The ApacheErrorDocument directive should be set correctly for HTTP 405 errors. CCE-27724-4 All files specified by ErrorLog directives should be owned by the appropriate user CCE-27818-4 Apache's /logs directory should be owned by the appropriate user. CCE-27313-6 The Order directive for the specified Directory directive should be configured appropriately. CCE-27627-9 The Unix permissions for all directories specified by Alias directives should be configured appropriately. CCE-27773-1 The Apache site's robots.txt should be configured to disallow paths and files as appropriate. CCE-27833-3 Apache's configuration directory should be owned by the appropriate user. CCE-27856-4 The ownership of the Apache /var/www/html file should be set correctly. CCE-27943-0 The permissions of any Apache files in /var/log/httpd/ should be set correctly. CCE-27879-6 The Apache "LogLevel" directive should be configured appropriately. CCE-27469-6 All Apache's online manual should be available or removed as appropriate. CCE-27688-1 The Apache "Timeout" directive should be configured appropriately. CCE-27680-8 The ApacheErrorDocument directive should be set correctly for HTTP 403 errors. CCE-27810-1 The Apache "MaxSpareServers" directive should be configured appropriately. CCE-27506-5 The Apache "IncludesNoExec" setting for all "Options" directives for the OS root should be configured appropriately. CCE-27750-9 The Windows permissions for all files specified by ErrorLog directives should be configured appropriately CCE-27806-9 The Apache "SymLinksIfOwnerMatch" setting for all "Options" directives for the OS root should be configured appropriately. CCE-27639-4 The Apache access log file data should be configured to contain the appropriate data elements. CCE-27677-4 Anonymous sharing of Apache's web content directories with nfs should be configured appropriately. CCE-27829-1 The Windows permissions of Apache's /bin directory should be configred appropriately CCE-27132-0 Web Distributed Authoring and Versioning (WebDav) dav_module should be enabled or disabled as appropriate. CCE-27435-7 The Apache "StartServers" directive should be configured appropriately. CCE-27882-0 The Order directive for all DocumentRoot directives should be configured appropriately. CCE-27930-7 Apache's process ID (PID) file should be owned by the appropriate group. CCE-27692-3 The Apache "MultiViews" setting for all "Options" directives for the OS root should be configured appropriately. CCE-27700-4 The group membership of the Apache /etc/httpd/conf/passwd file should be set correctly. CCE-27915-8 The permissions for the Apache /usr/sbin/httpd file should be set correctly. CCE-27579-2 Apache's proxy_connect_module should be enabled or disabled as appropriate. CCE-27510-7 The Order directive for the OS root should be configured appropriately. CCE-27023-1 The Deny directive for the specified Directory directive should be configured appropriately. CCE-27545-3 The Apache "Indexes" setting for all "Options" directives for the OS root should be configured appropriately. CCE-27817-6 The ApacheErrorDocument directive should be set correctly for HTTP 500 errors. CCE-27292-2 The Unix permissions for all directories specified by ScriptAlias directives should be configured appropriately. CCE-27462-1 The permissions for the Apache /etc/httpd/conf.d file should be set correctly. CCE-27772-3 The Unix permissions for all directories specified by DocumentRoot directives should be configured appropriately. CCE-27000-9 File permissions for httpd.conf should be set correctly. CCE-27878-8 The Apache user account should be allowed root privileges as appropriate. CCE-27666-7 The Apache "IncludesNoExec" setting for all "Options" directives should be configured appropriately. CCE-27390-4 The ApacheErrorDocument directive should be set correctly for HTTP 404 errors. CCE-27870-5 Apache's demo CGI printenv.pl should be available or removed as appropriate CCE-27583-4 Web Distributed Authoring and Versioning (WebDav) dav_lock_module should be enabled or disabled as appropriate. CCE-27757-4 The Apache "MultiViews" setting for all "Options" directives should be configured appropriately. CCE-27282-3 All directories specified by ScriptAlias directives should be owned by the appropriate user. CCE-27304-5 All files specified by CustomLog directives should be owned by the appropriate user CCE-27866-3 Apache's /htdocs directory should be owned by the appropriate group. CCE-27497-7 The ownership of the Apache /etc/httpd/conf.d file should be set correctly. CCE-27881-2 Apache's proxy_http_module should be enabled or disabled as appropriate. CCE-27380-5 The Apache "ServerTokens" directive should be configured appropriately. CCE-27820-0 Apache's /cgi-bin directory should be owned by the appropriate group. CCE-27519-8 The "FollowSymLinks" setting of the DocumentRoot should be enabled or disabled as appropriate. CCE-27843-2 The Windows permissions for all directories specified by ServerRoot directives should be configred appropriately CCE-27745-9 All readable Apache web document directories should have their default webpage configured appropriately. CCE-27722-8 The group membership of the Apache user account should be set correctly. CCE-27771-5 The Windows permissions for all directories specified by Alias directives should be configured appropriately. CCE-27794-7 The Apache system logging should be configured appropriately. CCE-27667-5 The location of the Apache htpasswd file should be set correctly. CCE-27854-9 The permissions for the Apache/var/www/html file should be set correctly. CCE-27892-9 The"Includes" setting of the DocumentRoot should be enabled or disabled as appropriate. CCE-27839-0 The Windows permissions for all files specified by CustomLog directives should be configured appropriately CCE-27041-3 The Unix permissions of Apache's /htdocs directory should be configred appropriately CCE-27903-4 The Apache runtime rewriting engine should be enabled or disabled as appropriate. CCE-27217-9 The ownership of the Apache /usr/sbin/httpd file should be set correctly. CCE-27330-0 The Apache "KeepAliveTimeout" directive should be configured appropriately. CCE-27682-4 User-specific directories should be enabled or disabled as appropriate. CCE-27877-0 The Apache "FollowSymLinks" setting for all "Options" directives should be configured appropriately. CCE-27756-6 The Apache User directive should be set correctly. CCE-27733-5 The ScriptAlias for the specified directory should be configured appropriately. CCE-27779-8 Anonymous sharing of Apache's web content directories should be configured appropriately. CCE-27782-2 Apache's log_config_module should be enabled or disabled as appropriate. CCE-27618-8 The Apache "LimitRequestBody" directive should be configured appropriately. CCE-27679-0 The Apache "Includes" setting for all "Options" directives for the OS root should be configured appropriately. CCE-27913-3 testcgi should be installed as appropriate. CCE-27134-6 The Apache "FollowSymLinks" setting for all "Options" directives for the OS root should be configured appropriately. CCE-26950-6 The Unix permissions of Apache's configuration directory should be configred appropriately CCE-27815-0 Apache's scoreboard file should be owned by the appropriate user. CCE-27830-9 The Apachce "MaxKeepAliveRequests" directive should be configured appropriately. CCE-27509-9 The "IncludesNOEXEC" setting of the DocumentRoot should be enabled or disabled as appropriate. CCE-27426-6 The Apache "LimitRequestline" directive should be configured appropriatley. CCE-27876-2 All files specified by CustomLog directives should be owned by the appropriate group CCE-27449-8 The Apache "MinSpareServers" directive should be configured appropriately. CCE-27793-9 The Unix permissions of Apache's /cgi-bin directory should be configred appropriately |