Revision 1.5Aug 9, 2022
Functional Update
- 2.1 Ensure Only Necessary Authentication and Authorization Modules Are Enabled
- 2.2 Ensure the Log Config Module Is Enabled
- 2.3 Ensure the WebDAV Modules Are Disabled
- 2.4 Ensure the Status Module Is Disabled
- 2.5 Ensure the Autoindex Module Is Disabled
- 2.6 Ensure the Proxy Modules Are Disabled
- 2.7 Ensure the User Directories Module Is Disabled
- 2.8 Ensure the Info Module Is Disabled
- 2.9 Ensure the Basic and Digest Authentication Modules are Disabled
- 5.9 Ensure Old HTTP Protocol Versions Are Disallowed - 'RewriteEngine on'
- 5.9 Ensure Old HTTP Protocol Versions Are Disallowed - 'RewriteRule configuration'
- 5.9 Ensure Old HTTP Protocol Versions Are Disallowed - 'httpd.conf <VirtualHost> RewriteEngine = on'
- 5.9 Ensure Old HTTP Protocol Versions Are Disallowed - 'httpd.conf <VirtualHost> RewriteOptions = inherit'
- 5.9 Ensure Old HTTP Protocol Versions Are Disallowed - 'httpd.conf RewriteCond = %{THE_REQUEST} !HTTP/1\.1$'
- 5.9 Ensure Old HTTP Protocol Versions Are Disallowed - Rewrite module not loaded
- 6.5 Ensure Applicable Patches Are Applied
- 7.1 Ensure mod_ssl and/or mod_nss Is Installed - 'mod_ssl is loaded'
- 7.7 Ensure SSL Compression is Not Enabled
- 9.5 Ensure the Timeout Limits for Request Headers is Set to 40 or Less - mod_reqtimeout
- 9.6 Ensure Timeout Limits for the Request Body Are Set Properly - mod_reqtimeout
