Title

The application pools rapid fail protection for each IIS 8.5 website must be enabled. (Cat II impact)

Discussion

Rapid fail protection is a feature that interrogates the health of worker processes associated with websites and web applications. It can be configured to perform a number of actions such as shutting down and restarting worker processes that have reached failure thresholds. By not setting rapid fail protection the web server could become unstable in the event of a worker process crash potentially leaving the web server unusable.

Check Content

If this IIS 8.5 installation is supporting Microsoft Exchange, and not otherwise hosting any content, this requirement is Not Applicable. Open the IIS 8.5 Manager. Click the "Application Pools". Perform for each Application Pool. Highlight an Application Pool to review and click "Advanced Settings" in the "Actions" pane. Scroll down to the "Rapid Fail Protection" section and verify the value for "Enabled" is set to "True". If the "Rapid Fail Protection:Enabled" is not set to "True", this is a finding.

Fix Text

Open the IIS 8.5 Manager. Click the "Application Pools". Perform for each Application Pool. Highlight an Application Pool to review and click "Advanced Settings" in the "Actions" pane. Scroll down to the "Rapid Fail Protection" section and set the value for "Enabled" to "True". Click "OK".

Additional Identifiers

Rule ID: SV-214491r879887_rule

Vulnerability ID: V-214491

Group Title: SRG-APP-000516-WSR-000174

Expert Comments

CCIs tied to check.

Controls tied to check. These are derived from the CCIs shown above.