STIGQter: STIG Summary: APACHE 2.2 Server for Windows Security Technical Implementation Guide Version: 1 Release: 13 Benchmark Date: 25 Jan 2019: STIGQter: STIG Summary: APACHE 2.2 Server for Windows Security Technical Implementation Guide Version: 1 Release: 13 Benchmark Date: 25 Jan 2019:SV-33167r1_rule
V-26285
WA00500
WA00500 W22
CAT II
10
Disable any modules that are not needed by adding a "#" in front of them within the httpd.conf file, and restarting the Apache httpd service.
Open a command prompt window.
Navigate to the “bin” directory (in many cases this may be [Drive Letter]:\[directory path]\Apache Software Foundation\Apache2.2\bin>).
Enter the following command and press Enter: httpd –M
This will provide a list of the loaded modules. Discuss with the web administrator why all displayed modules are required for operation. If any module is not required for operation, this is a finding.
Note: The following modules do not need to be discussed: core_module, win32_module, mpm_winnt_module, http_module, so_module.
V-26285
False
WA00500 W22
Open a command prompt window.
Navigate to the “bin” directory (in many cases this may be [Drive Letter]:\[directory path]\Apache Software Foundation\Apache2.2\bin>).
Enter the following command and press Enter: httpd –M
This will provide a list of the loaded modules. Discuss with the web administrator why all displayed modules are required for operation. If any module is not required for operation, this is a finding.
Note: The following modules do not need to be discussed: core_module, win32_module, mpm_winnt_module, http_module, so_module.
M
Web Administrator
158