STIGQter: STIG Summary: Apache Server 2.4 Windows Site Security Technical Implementation Guide Version: 1 Release: 3 Benchmark Date: 24 Jul 2020:

The Apache web server must be configured to use a specified IP address and port.

DISA Rule

SV-102601r1_rule

Vulnerability Number

V-92513

Group Title

SRG-APP-000142-WSR-000089

Rule Version

AS24-W2-000360

Severity

CAT II

CCI(s)

• CCI-000382 - The organization configures the information system to prohibit or restrict the use of organization-defined functions, ports, protocols, and/or services.

Weight

10

Fix Recommendation

Edit the <'INSTALLED PATH'>\conf\httpd.conf file and set the "Listen" directive to listen on a specific IP address and port.

Check Contents

Review the <'INSTALLED PATH'>\conf\httpd.conf file and search for the following directive:

Listen

For any enabled "Listen" directives, verify they specify both an IP address and port number.

If the "Listen" directive is found with only an IP address or only a port number specified, this is finding.

If the IP address is all zeros (i.e. 0.0.0.0:80 or [::ffff:0.0.0.0]:80), this is a finding.

If the "Listen" directive does not exist, this is a finding.

Vulnerability Number

V-92513

Documentable

False

Rule Version

AS24-W2-000360

Severity Override Guidance

Review the <'INSTALLED PATH'>\conf\httpd.conf file and search for the following directive:

Listen

For any enabled "Listen" directives, verify they specify both an IP address and port number.

If the "Listen" directive is found with only an IP address or only a port number specified, this is finding.

If the IP address is all zeros (i.e. 0.0.0.0:80 or [::ffff:0.0.0.0]:80), this is a finding.

If the "Listen" directive does not exist, this is a finding.

Check Content Reference

M

Target Key

3419

Comments