3.4 Ensure Apache Directories and Files Are Owned By Root

Warning! Audit Deprecated

This audit has been deprecated and will be removed in a future update.

View Next Audit Version

Information

The Apache directories and files should be owned by root. This applies to all of the Apache software directories and files installed.

Rationale:

Restricting ownership of the Apache files and directories will reduce the probability of unauthorized modifications to those resources.

Solution

Perform the following:

Set ownership on the $APACHE_PREFIX directories such as /usr/local/apache2:

$ chown -R root $APACHE_PREFIX

Default Value:

Default ownership and group is a mixture of the user:group that built the software and root:root.

See Also

https://workbench.cisecurity.org/files/3021