STIGQter: STIG Summary: Apache Server 2.4 Windows Server Security Technical Implementation Guide Version: 2 Release: 1 Benchmark Date: 23 Oct 2020:

The Apache web server must separate the hosted applications from hosted Apache web server management functionality.

DISA Rule

SV-214330r505936_rule

Vulnerability Number

V-214330

Group Title

SRG-APP-000211-WSR-000129

Rule Version

AS24-W1-000450

Severity

CAT II

CCI(s)

• CCI-001082 - The information system separates user functionality (including user interface services) from information system management functionality.

Weight

10

Fix Recommendation

Configure Apache to separate the hosted applications from web server management functionality.

Check Contents

Review the web server documentation and deployed configuration to determine whether hosted application functionality is separated from web server management functions.

If the functions are not separated, this is a finding.

Vulnerability Number

V-214330

Documentable

False

Rule Version

AS24-W1-000450

Severity Override Guidance

Review the web server documentation and deployed configuration to determine whether hosted application functionality is separated from web server management functions.

If the functions are not separated, this is a finding.

Check Content Reference

M

Target Key

3998

Comments