STIGQter: STIG Summary:| Checked | Name | Title |
|---|---|---|
| ☐ | SV-239402r674929_rule | Performance Charts must limit the amount of time that each TCP connection is kept alive. |
| ☐ | SV-239403r717041_rule | Performance Charts must limit the number of concurrent connections permitted. |
| ☐ | SV-239404r674935_rule | Performance Charts must limit the maximum size of a POST request. |
| ☐ | SV-239405r674938_rule | Performance Charts must protect cookies from cross-site scripting (XSS). |
| ☐ | SV-239406r675021_rule | Performance Charts must record user access in a format that enables monitoring of remote access. |
| ☐ | SV-239407r674944_rule | Performance Charts must generate log records for system startup and shutdown. |
| ☐ | SV-239408r674947_rule | Performance Charts log files must only be modifiable by privileged users. |
| ☐ | SV-239409r674950_rule | Performance Charts application files must be verified for their integrity. |
| ☐ | SV-239410r674953_rule | Performance Charts must only run one web app. |
| ☐ | SV-239411r674956_rule | Performance Charts must not be configured with unsupported realms. |
| ☐ | SV-239412r674959_rule | Performance Charts must have Multipurpose Internet Mail Extensions (MIME) that invoke OS shell programs disabled. |
| ☐ | SV-239413r674962_rule | Performance Charts must have mappings set for Java servlet pages. |
| ☐ | SV-239414r674965_rule | Performance Charts must not have the Web Distributed Authoring (WebDAV) servlet installed. |
| ☐ | SV-239415r674968_rule | Performance Charts must be configured with memory leak protection. |
| ☐ | SV-239416r674971_rule | Performance Charts must not have any symbolic links in the web content directory tree. |
| ☐ | SV-239417r674974_rule | Performance Charts directory tree must have permissions in an "out-of-the box" state. |
| ☐ | SV-239418r674977_rule | Performance Charts must fail to a known safe state if system initialization fails, shutdown fails, or aborts fail. |
| ☐ | SV-239419r674980_rule | Performance Charts must limit the number of allowed connections. |
| ☐ | SV-239420r674983_rule | Performance Charts must set "URIEncoding" to UTF-8. |
| ☐ | SV-239421r674986_rule | Performance Charts must use the "setCharacterEncodingFilter" filter. |
| ☐ | SV-239422r674989_rule | Performance Charts must set the welcome-file node to a default web page. |
| ☐ | SV-239423r674992_rule | Performance Charts must not show directory listings. |
| ☐ | SV-239424r674995_rule | Performance Charts must configured to show error pages with minimal information. |
| ☐ | SV-239425r674998_rule | Performance Charts must not enable support for TRACE requests. |
| ☐ | SV-239426r675001_rule | Performance Charts must have the debug option turned off. |
| ☐ | SV-239427r675004_rule | Performance Charts must properly configure log sizes and rotation. |
| ☐ | SV-239428r675007_rule | Rsyslog must be configured to monitor and ship Performance Charts log files. |
| ☐ | SV-239429r675010_rule | Performance Charts must be configured with the appropriate ports. |
| ☐ | SV-239430r675013_rule | Performance Charts must disable the shutdown port. |
| ☐ | SV-239431r675016_rule | Performance Charts must set the secure flag for cookies. |
| ☐ | SV-239432r675019_rule | Performance Charts must be configured to limit access to internal packages. |