STIGQter: STIG Summary: Web Server Security Requirements Guide Version: 2 Release: 3 Benchmark Date: 26 Apr 2019:

The web server must separate the hosted applications from hosted web server management functionality.

DISA Rule

SV-54371r3_rule

Vulnerability Number

V-41794

Group Title

SRG-APP-000211-WSR-000129

Rule Version

SRG-APP-000211-WSR-000129

Severity

CAT II

CCI(s)

• CCI-001082 - The information system separates user functionality (including user interface services) from information system management functionality.

Weight

10

Fix Recommendation

Configure the web server to separate the hosted applications from web server management functionality.

Check Contents

Review the web server documentation and deployed configuration to determine whether hosted application functionality is separated from web server management functions.

If the functions are not separated, this is a finding.

Vulnerability Number

V-41794

Documentable

False

Rule Version

SRG-APP-000211-WSR-000129

Severity Override Guidance

Review the web server documentation and deployed configuration to determine whether hosted application functionality is separated from web server management functions.

If the functions are not separated, this is a finding.

Check Content Reference

M

Target Key

2557

Comments