CIS Apache Tomcat 9 L2 v1.1.0

Warning! Audit Deprecated

This audit file has been deprecated and will be removed in a future update.

Audit Details

Name: CIS Apache Tomcat 9 L2 v1.1.0

Updated: 5/24/2023

Authority: CIS

Plugin: Unix

Revision: 1.6

Estimated Item Count: 30

File Details

Filename: CIS_Apache_Tomcat_9_L2_v1.1.0.audit

Size: 52 kB

MD5: a950e44e2ff7b1a13ac44b035bd97edb
SHA256: c210a42ee64a963ea0cd6392df5acb0f802ef8cd68d57d02ffcda70d6da78bc5

Audit Items

Description | Categories
1.1 Remove extraneous files and directories - CATALINA_HOME/webapps/docs
1.1 Remove extraneous files and directories - CATALINA_HOME/webapps/examples
1.1 Remove extraneous files and directories - CATALINA_HOME/webapps/host-manager
1.1 Remove extraneous files and directories - CATALINA_HOME/webapps/manager
1.1 Remove extraneous files and directories - CATALINA_HOME/webapps/ROOT
1.2 Disable Unused Connectors
2.1 Alter the Advertised server.info String
2.2 Alter the Advertised server.number String
2.3 Alter the Advertised server.built Date
2.4 Disable X-Powered-By HTTP Header and Rename the Server Value for all Connectors
2.7 Ensure Server Header is Modified To Prevent Information Disclosure
3.2 Disable the Shutdown port
5.1 Use secure Realms
5.2 Use LockOut Realms
6.1 Setup Client-cert Authentication
7.1 Application specific logging
7.3 Ensure className is set correctly in context.xml
9.2 Disabling auto deployment of applications
9.3 Disable deploy on startup of applications
10.3 Restrict manager application
10.5 Rename the manager application - host-manager/manager.xml
10.5 Rename the manager application - webapps/manager
10.6 Enable strict servlet Compliance
10.8 Do not allow additional path delimiters - ALLOW_BACKSLASH
10.8 Do not allow additional path delimiters - ALLOW_ENCODED_SLASH
10.9 Configure connectionTimeout
10.10 Configure maxHttpHeaderSize
10.11 Force SSL for all applications
10.15 Do not resolve hosts on logging valves
CIS_Apache_Tomcat_9_L2_v1.1.0.audit from CIS Apache Tomcat 9 Benchmark