DISA STIG Apache Server 2.4 Unix Site v2r2 Middleware

Audit Details

Name: DISA STIG Apache Server 2.4 Unix Site v2r2 Middleware

Updated: 8/9/2022

Authority: DISA STIG

Plugin: Unix

Revision: 1.2

Estimated Item Count: 41

File Details

Filename: DISA_STIG_Apache_Site-2.4_Unix_v2r2_Middleware.audit

Size: 87.6 kB

MD5: 53d8ae850fcafe4c1e4d4dd0caf62c68
SHA256: da0d92e6dc79b8c4e93eb2cb7c158030a990ff2620ce0874d93520d201745939

Audit Changelog

 
Revision 1.2

Aug 9, 2022

Functional Update
  • AS24-U2-000020 - The Apache web server must perform server-side session management - session_module
  • AS24-U2-000020 - The Apache web server must perform server-side session management - usertrack_module
  • AS24-U2-000030 - The Apache web server must use encryption strength in accordance with the categorization of data hosted by the Apache web server when remote connections are provided - ssl_module
  • AS24-U2-000090 - The Apache web server must produce log records containing sufficient information to establish what type of events occurred - log_config_module
  • AS24-U2-000660 - The Apache web server must set an inactive timeout for sessions - reqtimeout_module
  • AS24-U2-000880 - Cookies exchanged between the Apache web server and the client, such as session cookies, must have cookie properties set to prohibit client-side scripts from reading the cookie data - session_cookie_module
  • AS24-U2-000890 - Cookies exchanged between the Apache web server and the client, such as session cookies, must have cookie properties set to force the encryption of cookies - session_cookie_module
Miscellaneous
  • Platform check updated.
Revision 1.1

Apr 25, 2022

Miscellaneous
  • References updated.