STIGQter STIGQter: STIG Summary: APACHE 2.2 Site for UNIX Security Technical Implementation Guide Version: 1 Release: 11 Benchmark Date: 25 Jan 2019:

Each readable web document directory must contain either a default, home, index, or equivalent file.

DISA Rule

SV-33020r1_rule

Vulnerability Number

V-2245

Group Title

WG170

Rule Version

WG170 A22

Severity

CAT III

CCI(s)

Weight

10

Fix Recommendation

Add a default document to the applicable directories.

Check Contents

To view the DocumentRoot value enter the following command:
awk '{print $1,$2,$3}' /usr/local/apache2/conf/httpd.conf|grep -i DocumentRoot|grep -v '^#'
Note each location following the DocumentRoot string, this is the configured path(s) to the document root directory(s).
To view a list of the directories and sub-directories and the file index.html, from each stated DocumentRoot location enter the following commands:
find . -type d
find . -type f -name index.html
Review the results for each document root directory and it's subdirectories. If a directory does not contain an index.html or equivalent default document, this is a finding.

Vulnerability Number

V-2245

Documentable

False

Rule Version

WG170 A22

Severity Override Guidance

To view the DocumentRoot value enter the following command:
awk '{print $1,$2,$3}' /usr/local/apache2/conf/httpd.conf|grep -i DocumentRoot|grep -v '^#'
Note each location following the DocumentRoot string, this is the configured path(s) to the document root directory(s).
To view a list of the directories and sub-directories and the file index.html, from each stated DocumentRoot location enter the following commands:
find . -type d
find . -type f -name index.html
Review the results for each document root directory and it's subdirectories. If a directory does not contain an index.html or equivalent default document, this is a finding.

Check Content Reference

M

Responsibility

Web Administrator

Target Key

161

Comments