STIGQter: STIG Summary: APACHE 2.2 Site for UNIX Security Technical Implementation Guide Version: 1 Release: 11 Benchmark Date: 25 Jan 2019:

Logs of web server access and errors must be established and maintained

DISA Rule

SV-33025r1_rule

Vulnerability Number

V-2250

Group Title

WG240

Rule Version

WG240 A22

Severity

CAT II

CCI(s)

CCI-000366 - The organization implements the security configuration settings.

Weight

Fix Recommendation

Edit the httpd.conf file and add the following module to configure logging.

"log_config_module"

Check Contents

To view a list of loaded modules enter the following command:

/usr/local/apache2/bin/httpd -M

If the following module is not found, this is a finding: "log_config_module"

Vulnerability Number

V-2250

Documentable

False

Rule Version

WG240 A22

Severity Override Guidance

To view a list of loaded modules enter the following command:

/usr/local/apache2/bin/httpd -M

If the following module is not found, this is a finding: "log_config_module"

Logs of web server access and errors must be established and maintained

DISA Rule

Vulnerability Number

Group Title

Rule Version

Severity

CCI(s)

Weight

Fix Recommendation

Check Contents

Vulnerability Number

Documentable

Rule Version

Severity Override Guidance

Check Content Reference

Responsibility

Target Key

Comments