CIS Apache Tomcat 10 L2 v1.0.0

Warning! Audit Deprecated

This audit file has been deprecated and will be removed in a future update.

Audit Details

Name: CIS Apache Tomcat 10 L2 v1.0.0

Updated: 2/7/2024

Authority: CIS

Plugin: Unix

Revision: 1.4

Estimated Item Count: 30

File Details

Filename: CIS_Apache_Tomcat_10_L2_v1.0.0.audit

Size: 52.4 kB

MD5: 94eaba176b9c5fee5d5c5cd6ce24c54b
SHA256: 365b72c39133418b123633dea7a7fa737b7ef80de6a3f9be25d0106b3dd06874

Audit Items

Description | Categories
1.1 Remove extraneous files and directories - CATALINA_HOME/webapps/docs
1.1 Remove extraneous files and directories - CATALINA_HOME/webapps/examples
1.1 Remove extraneous files and directories - CATALINA_HOME/webapps/host-manager
1.1 Remove extraneous files and directories - CATALINA_HOME/webapps/manager
1.1 Remove extraneous files and directories - CATALINA_HOME/webapps/ROOT
1.2 Disable Unused Connectors
2.1 Alter the Advertised server.info String
2.2 Alter the Advertised server.number String
2.3 Alter the Advertised server.built Date
2.4 Disable X-Powered-By HTTP Header and Rename the Server Value for all Connectors
2.7 Ensure Server Header is Modified To Prevent Information Disclosure
3.2 Disable the Shutdown port
5.1 Use secure Realms
5.2 Use LockOut Realms
6.1 Setup Client-cert Authentication
7.1 Application specific logging
7.3 Ensure className is set correctly in context.xml
9.2 Disabling auto deployment of applications
9.3 Disable deploy on startup of applications
10.3 Restrict manager application
10.5 Rename the manager application - host-manager/manager.xml
10.5 Rename the manager application - webapps/manager
10.6 Enable strict servlet Compliance
10.8 Do not allow additional path delimiters - ALLOW_BACKSLASH
10.8 Do not allow additional path delimiters - ALLOW_ENCODED_SLASH
10.9 Configure connectionTimeout
10.10 Configure maxHttpHeaderSize
10.11 Force SSL for all applications
10.15 Do not resolve hosts on logging valves
CIS_Apache_Tomcat_10_L2_v1.0.0.audit from CIS Apache Tomcat 10 Benchmark