Check: AS24-W1-000065
Apache Server 2.4 Windows Server STIG:
AS24-W1-000065
(in version v2 r3)
Title
System logging must be enabled. (Cat II impact)
Discussion
The server error logs are invaluable because they can also be used to identify potential problems and enable proactive remediation. Log data can reveal anomalous behavior such as "not found" or "unauthorized" errors that may be an evidence of attack attempts. Failure to enable error logging can significantly reduce the ability of Web Administrators to detect or remediate problems. The CustomLog directive specifies the log file, syslog facility, or piped logging utility.
Check Content
In a command line, navigate to "<'INSTALLED PATH'>\bin\conf". Edit the "httpd.conf" file and search for the directive "CustomLog". If the "CustomLog" directive is missing or does not look like the following, this is a finding: CustomLog "Logs/access_log" common
Fix Text
Edit the httpd.conf file and enter the name, path, and level for the CustomLog.
Additional Identifiers
Rule ID: SV-214309r881525_rule
Vulnerability ID: V-214309
Group Title: SRG-APP-000516-WSR-000174
Expert Comments
CCIs
Number | Definition |
---|---|
CCI-000366 |
The organization implements the security configuration settings. |
Controls
Number | Title |
---|---|
CM-6 |
Configuration Settings |