STIGQter STIGQter: STIG Summary: APACHE SITE 2.0 for Unix Version: 1 Release: 5 Benchmark Date: 23 Oct 2015: System logging must be enabled.

DISA Rule

SV-33206r1_rule

Vulnerability Number

V-26281

Group Title

WA00615

Rule Version

WA00615 A22

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Edit the httpd.conf file and enter the name, path and level for the CustomLog.

Check Contents

Enter the following command:

grep "CustomLog" /usr/local/apache2/conf/httpd.conf

The command should return the following value:.

CustomLog "Logs/access_log" common

If the above value is not returned, this is a finding.

Vulnerability Number

V-26281

Documentable

False

Rule Version

WA00615 A22

Severity Override Guidance

Enter the following command:

grep "CustomLog" /usr/local/apache2/conf/httpd.conf

The command should return the following value:.

CustomLog "Logs/access_log" common

If the above value is not returned, this is a finding.

Check Content Reference

M

Responsibility

Web Administrator

Target Key

2100

Comments