CCE-27903-4| Platform: apache-httpd2.2 | Date: (C)2013-02-19 (M)2022-10-10 |
The Apache runtime rewriting engine should be enabled or disabled as appropriate.
Parameter:
(1) off/on
Technical Mechanism:
(1) Apache configuration file: RewriteEngine directive
| CCSS Severity: | CCSS Metrics: |
| CCSS Score : | Attack Vector: |
| Exploit Score: | Attack Complexity: |
| Impact Score: | Privileges Required: |
| Severity: | User Interaction: |
| Vector: | Scope: |
| | Confidentiality: |
| | Integrity: |
| | Availability: |
| | |
References: | Resource Id | Reference |
|---|
| CIS Security Configuration Benchmark For Apache Web Server 2.2 Version 3.1.0 June 11th, 2012 | 1.5.9 Restrict HTTP Protocol Versions (Level 1, Scorable)
Add the RewriteEngine directive to the configuration within the global server context with the value of on so that the rewrite engine is enabled. RewriteEngine On Page 43-44 |
| CIS Security Configuration Benchmark For Apache Web Server 2.2.0 Version 2.2.0 November 2008 | 1.11 Restrict HTTP Protocol Version p19 |
