CIS Apache Tomcat 10 L2 v1.0.0

Warning! Audit Deprecated

This audit file has been deprecated and will be removed in a future update.

Audit Details

Name: CIS Apache Tomcat 10 L2 v1.0.0

Updated: 6/17/2024

Authority: CIS

Plugin: Unix

Revision: 1.5

Estimated Item Count: 30

File Details

Filename: CIS_Apache_Tomcat_10_L2_v1.0.0.audit

Size: 52.4 kB

MD5: 1c1fc76afe7a6f1341f2548d23325a97
SHA256: 56625c3ff375fbac4358d7021f8c756b59d7fe086c3aa8cc753727c1a76bfc6a

Audit Items

Description
1.1 Remove extraneous files and directories - CATALINA_HOME/webapps/docs
1.1 Remove extraneous files and directories - CATALINA_HOME/webapps/examples
1.1 Remove extraneous files and directories - CATALINA_HOME/webapps/host-manager
1.1 Remove extraneous files and directories - CATALINA_HOME/webapps/manager
1.1 Remove extraneous files and directories - CATALINA_HOME/webapps/ROOT
1.2 Disable Unused Connectors
2.1 Alter the Advertised server.info String
2.2 Alter the Advertised server.number String
2.3 Alter the Advertised server.built Date
2.4 Disable X-Powered-By HTTP Header and Rename the Server Value for all Connectors
2.7 Ensure Sever Header is Modified To Prevent Information Disclosure
3.2 Disable the Shutdown port
5.1 Use secure Realms
5.2 Use LockOut Realms
6.1 Setup Client-cert Authentication
7.1 Application specific logging
7.3 Ensure className is set correctly in context.xml
9.2 Disabling auto deployment of applications
9.3 Disable deploy on startup of applications
10.3 Restrict manager application
10.5 Rename the manager application - host-manager/manager.xml
10.5 Rename the manager application - webapps/manager
10.6 Enable strict servlet Compliance
10.8 Do not allow additional path delimiters - ALLOW_BACKSLASH
10.8 Do not allow additional path delimiters - ALLOW_ENCODED_SLASH
10.9 Configure connectionTimeout
10.10 Configure maxHttpHeaderSize
10.11 Force SSL for all applications
10.15 Do not resolve hosts on logging valves
CIS_Apache_Tomcat_10_L2_v1.0.0.audit from CIS Apache Tomcat 10 Benchmark