STIGQter STIGQter: STIG Summary: Oracle HTTP Server 12.1.3 Security Technical Implementation Guide Version: 1 Release: 7 Benchmark Date: 24 Jul 2020:

The OHS DocumentRoot directory must be on a separate partition from OS root partition.

DISA Rule

SV-79187r1_rule

Vulnerability Number

V-64697

Group Title

SRG-APP-000516-WSR-000174

Rule Version

OH12-1X-000230

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

1. Open $DOMAIN_HOME/config/fmwconfig/components/OHS/<componentName>/httpd.conf and every .conf file (e.g., ssl.conf) included in it with an editor that contains a "<VirtualHost>" directive.

2. Search for the "DocumentRoot" directive at the OHS server and virtual host configuration scopes.

3. Move the directory associated with the "DocumentRoot" directive to a partition different from root partition.

Check Contents

1. Open $DOMAIN_HOME/config/fmwconfig/components/OHS/<componentName>/httpd.conf and every .conf file (e.g., ssl.conf) included in it with an editor that contains a "<VirtualHost>" directive.

2. Search for the "DocumentRoot" directive at the OHS server and virtual host configuration scopes.

3. If the directory associated with the "DocumentRoot" directive is associated with the root partition, this is a finding.

Vulnerability Number

V-64697

Documentable

False

Rule Version

OH12-1X-000230

Severity Override Guidance

1. Open $DOMAIN_HOME/config/fmwconfig/components/OHS/<componentName>/httpd.conf and every .conf file (e.g., ssl.conf) included in it with an editor that contains a "<VirtualHost>" directive.

2. Search for the "DocumentRoot" directive at the OHS server and virtual host configuration scopes.

3. If the directory associated with the "DocumentRoot" directive is associated with the root partition, this is a finding.

Check Content Reference

M

Target Key

2753

Comments