STIGQter STIGQter: STIG Summary: APACHE 2.2 Server for UNIX Security Technical Implementation Guide Version: 1 Release: 11 Benchmark Date: 25 Jan 2019:

The httpd.conf MaxClients directive must be set properly.

DISA Rule

SV-36649r2_rule

Vulnerability Number

V-13730

Group Title

WA000-WWA032

Rule Version

WA000-WWA032 A22

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Open the httpd.conf file with an editor and search for the following directive:

MaxClients

Set the directive to a value of 256 or less, add the directive if it does not exist.

It is recommended that the directive be explicitly set to prevent unexpected results if the defaults change with updated software.

Check Contents

Open the httpd.conf file with an editor and search for the following directive:

MaxClients

The value needs to be 256 or less

If the directive is set improperly, this is a finding.

If the directive does not exist, this is NOT a finding because it will default to 256. It is recommended that the directive be explicitly set to prevent unexpected results if the defaults change with updated software.

NOTE: This vulnerability can be documented locally with the ISSM/ISSO if the site has operational reasons for the use of increased value. If the site has this documentation, this should be marked as Not a Finding.

Vulnerability Number

V-13730

Documentable

False

Rule Version

WA000-WWA032 A22

Severity Override Guidance

Open the httpd.conf file with an editor and search for the following directive:

MaxClients

The value needs to be 256 or less

If the directive is set improperly, this is a finding.

If the directive does not exist, this is NOT a finding because it will default to 256. It is recommended that the directive be explicitly set to prevent unexpected results if the defaults change with updated software.

NOTE: This vulnerability can be documented locally with the ISSM/ISSO if the site has operational reasons for the use of increased value. If the site has this documentation, this should be marked as Not a Finding.

Check Content Reference

M

Responsibility

Web Administrator

Target Key

158

Comments