V-218794
CAT IIThe IIS 10.0 web server must not be both a website server and a proxy server.
- Ships Affected
- 2
- Total Findings
- 3
- Open
- 0
- Closed
- 3
Check Text
Open the IIS 10.0 Manager.
Under the "Connections" pane on the left side of the management console, select the IIS 10.0 web server.
If, under the IIS installed features "Application Request Routing Cache" is not present, this is not a finding.
If, under the IIS installed features "Application Request Routing Cache" is present, double-click the icon to open the feature.
From the right "Actions" pane under "Proxy", select "Server Proxy Settings...".
In the "Application Request Routing" settings window, verify whether "Enable proxy" is selected.
If "Enable proxy" is selected under the "Application Request Routing" settings, this is a finding.
If the server has been approved to be a Proxy server, this requirement is Not Applicable.
Fix Text
Open the IIS 10.0 Manager.
Under the "Connections" pane on the left side of the management console, select the IIS 10.0 web server.
Under the IIS installed features, if "Application Request Routing Cache" is present, double-click the icon to open the feature.
From the right "Actions" pane, under "Proxy", select "Server Proxy Settings...".
In the "Application Request Routing" settings window, remove the check from the "Enable proxy" check box.
Click "Apply" in the "Actions" pane.
STIG Reference
- STIG
- Microsoft IIS 10.0 Server Security Technical Implementation Guide
- Version
- 3
- Release
- 7
- Rule ID
- SV-218794r960963_rule
All Occurrences
This vulnerability appears on 2 ship(s)
| Ship | Hull # | Source File | Status | Assigned To | Scan Date | Actions |
|---|---|---|---|---|---|---|
| LAB BASELINES | BASELINE | SCHR-P3-DP-001_IIS10Server_V3R6_20260305-132942.cklb | Unassigned | 2026-03-12T15:38:14.420977 | View in Context | |
| USNS MONTFORD POINT | T-ESD-1 | _Reviewed/MONT-DP-001/Checklist/MONT-DP-001_IIS10Server_V3R4_20251023-143809.ckl | Unassigned | 2026-01-14T12:57:35.201603 | View in Context | |
| USNS MONTFORD POINT | T-ESD-1 | _Reviewed/MONT-MB-002/Checklist/MONT-MB-002_IIS10Server_V3R4_20251023-152431.ckl | Unassigned | 2026-01-14T12:57:32.874734 | View in Context |