Documentation - V-206428

V-206428

Web Server Security Requirements Guide

CAT II

Title

The web server must prohibit or restrict the use of nonsecure or unnecessary ports, protocols, modules, and/or services.

Description

<VulnDiscussion>Web servers provide numerous processes, features, and functionalities that utilize TCP/IP ports. Some of these processes may be deemed unnecessary or too unsecure to run on a production system. The web server must provide the capability to disable or deactivate network-related services that are deemed to be non-essential to the server mission, are too unsecure, or are prohibited by the PPSM CAL and vulnerability assessments.</VulnDiscussion><FalsePositives></FalsePositives><Fal...

Fix Text (Documentation Requirement)

Configure the web server to disable any ports or protocols that are not permitted, are nonsecure for a production web server or are not necessary for web server operation.

View Full STIG Details →

Documentation Status

Status

Documented Verified - link to a ship document Awaiting Review Evidence submitted, needs verification Pending Needs documentation Not Required Documentation not needed Not Applicable STIG doesn't apply

Notes (Optional)

Cancel