STIGQter: STIG Summary: APACHE 2.2 Site for Windows Security Technical Implementation Guide Version: 1 Release: 13 Benchmark Date: 25 Jan 2019:

Logs of web server access and errors must be established and maintained.

DISA Rule

SV-33132r1_rule

Vulnerability Number

V-2250

Group Title

WG240

Rule Version

WG240 W22

Severity

CAT II

CCI(s)

• CCI-000366 - The organization implements the security configuration settings.

Weight

10

Fix Recommendation

Load log_config_module.

Check Contents

Open a command prompt window.

Navigate to the “bin” directory (in many cases this may be [Drive Letter]:\[directory path]\Apache Software Foundation\Apache2.2\bin>).

Enter the following command and press Enter: httpd –M

This will provide a list of all loaded modules. If the following module is not found this is a finding: log_config_module.

Vulnerability Number

V-2250

Documentable

False

Rule Version

WG240 W22

Severity Override Guidance

Open a command prompt window.

Navigate to the “bin” directory (in many cases this may be [Drive Letter]:\[directory path]\Apache Software Foundation\Apache2.2\bin>).

Enter the following command and press Enter: httpd –M

This will provide a list of all loaded modules. If the following module is not found this is a finding: log_config_module.

Check Content Reference

M

Responsibility

System Administrator

Target Key

161

Comments