Check: AS24-W1-000700
Apache Server 2.4 Windows Server STIG:
AS24-W1-000700
(in versions v2 r3 through v1 r0.1)
Title
An Apache web server that is part of a web server cluster must route all remote management through a centrally managed access control point. (Cat II impact)
Discussion
A web server cluster is a group of independent Apache web servers that are managed as a single system for higher availability, easier manageability, and greater scalability. Without having centralized control of the web server cluster, management of the cluster becomes difficult. It is critical that remote management of the cluster be done through a designated management system acting as a single access point.
Check Content
Review the <'INSTALL PATH'>\conf\httpd.conf file. Verify the "mod_proxy" is loaded. If it does not exist, this is a finding. If the "mod_proxy" module is loaded and the "ProxyPass" directive is not configured, this is a finding.
Fix Text
Edit the <'INSTALL PATH'>\conf\httpd.conf file and load the "mod_proxy" module. Set the "ProxyPass" directive. Restart the Apache service.
Additional Identifiers
Rule ID: SV-214346r879729_rule
Vulnerability ID: V-214346
Group Title: SRG-APP-000356-WSR-000007
Expert Comments
CCIs
Number | Definition |
---|---|
CCI-001844 |
The information system provides centralized management and configuration of the content to be captured in audit records generated by organization-defined information system components. |
Controls
Number | Title |
---|---|
AU-3 (2) |
Centralized Management Of Planned Audit Record Content |