STIGQter: STIG Summary: APACHE 2.2 Server for Windows Security Technical Implementation Guide Version: 1 Release: 13 Benchmark Date: 25 Jan 2019:

The KeepAlive directive must be enabled.

DISA Rule

SV-32987r3_rule

Vulnerability Number

V-13725

Group Title

WA000-WWA022

Rule Version

WA000-WWA022 W22

Severity

CAT II

CCI(s)

• CCI-000366 - The organization implements the security configuration settings.

Weight

10

Fix Recommendation

Modify the KeepAlive directive in the applicable Apache configuration files to have a value of On.

Check Contents

NOTE: This setting must be explicitly set.

Locate the Apache httpd.conf file.

Open the httpd.conf file with an editor such as notepad, and search for the following uncommented directive: KeepAlive

Every enabled KeepAlive value needs to be set to “On”. If any directive is set improperly, this is a finding. If any directive is set to “Off”, this is a finding.

NOTE: This vulnerability can be documented locally with the ISSM/ISSO if the site has an operational reason for not using persistent connections. If the site has this documented, this should be marked as Not a Finding.

Vulnerability Number

V-13725

Documentable

False

Rule Version

WA000-WWA022 W22

Severity Override Guidance

NOTE: This setting must be explicitly set.

Locate the Apache httpd.conf file.

Open the httpd.conf file with an editor such as notepad, and search for the following uncommented directive: KeepAlive

Every enabled KeepAlive value needs to be set to “On”. If any directive is set improperly, this is a finding. If any directive is set to “Off”, this is a finding.

NOTE: This vulnerability can be documented locally with the ISSM/ISSO if the site has an operational reason for not using persistent connections. If the site has this documented, this should be marked as Not a Finding.

Check Content Reference

M

Responsibility

Web Administrator

Target Key

158

Comments