Documentation - V-214390

V-214390

Apache Server 2.4 Windows Site Security Technical Implementation Guide

CAT II

Title

The Apache web server must prohibit or restrict the use of nonsecure or unnecessary ports, protocols, modules, and/or services.

Description

<VulnDiscussion>Web servers provide numerous processes, features, and functionalities that use TCP/IP ports. Some of these processes may be deemed unnecessary or too unsecure to run on a production system. The web server must provide the capability to disable or deactivate network-related services that are deemed nonessential to the server mission, are too unsecure, or are prohibited by the Ports, Protocols, and Services Management (PPSM) Category Assurance List (CAL) and vulnerability assessme...

Fix Text (Documentation Requirement)

Ensure the website enforces the use of IANA well-known ports for HTTP and HTTPS.

View Full STIG Details →

Documentation Status

Status

Documented Verified - link to a ship document Awaiting Review Evidence submitted, needs verification Pending Needs documentation Not Required Documentation not needed Not Applicable STIG doesn't apply

Notes (Optional)

Cancel