| 1.2 Ensure the Server Is Not a Multi-Use System | CIS Apache HTTP Server 2.4 v2.2.0 L1 | Unix | CONFIGURATION MANAGEMENT |
| 2.2.11 Disable Apache services - Make sure that /etc/apache/httpd.conf does not exist. Note this check is only applicable for Apache 1.x | CIS Solaris 10 L1 v5.2 | Unix | CONFIGURATION MANAGEMENT |
| 4.13 Restrict access to Tomcat tomcat-users.xml | CIS Apache Tomcat 7 L1 v1.1.0 | Unix | ACCESS CONTROL |
| 4.13 Restrict access to Tomcat tomcat-users.xml | CIS Apache Tomcat 7 L1 v1.1.0 Middleware | Unix | ACCESS CONTROL |
| 4.13 Restrict access to Tomcat tomcat-users.xml | CIS Apache Tomcat 8 L1 v1.1.0 | Unix | ACCESS CONTROL |
| 4.13 Restrict access to Tomcat tomcat-users.xml | CIS Apache Tomcat 8 L1 v1.1.0 Middleware | Unix | ACCESS CONTROL |
| 4.13 Restrict access to Tomcat tomcat-users.xml | CIS Apache Tomcat 10 L1 v1.1.0 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 4.13 Restrict access to Tomcat tomcat-users.xml | CIS Apache Tomcat 10 L1 v1.1.0 Middleware | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 4.14 Restrict access to Tomcat web.xml | CIS Apache Tomcat 8 L1 v1.1.0 Middleware | Unix | ACCESS CONTROL |
| 5.9 Ensure Old HTTP Protocol Versions Are Disallowed - 'httpd.conf RewriteCond = %{THE_REQUEST} !HTTP/1.1$' | CIS Apache HTTP Server 2.2 L1 v3.6.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 5.9 Ensure Old HTTP Protocol Versions Are Disallowed - 'httpd.conf RewriteCond = %{THE_REQUEST} !HTTP/1.1$' | CIS Apache HTTP Server 2.2 L2 v3.6.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 5.9 Ensure Old HTTP Protocol Versions Are Disallowed - 'httpd.conf RewriteCond = %{THE_REQUEST} !HTTP/1.1$' | CIS Apache HTTP Server 2.2 L1 v3.6.0 Middleware | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 5.9 Ensure Old HTTP Protocol Versions Are Disallowed - 'RewriteEngine on' | CIS Apache HTTP Server 2.2 L2 v3.6.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 5.9 Ensure Old HTTP Protocol Versions Are Disallowed - 'RewriteEngine on' | CIS Apache HTTP Server 2.2 L1 v3.6.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 5.9 Ensure Old HTTP Protocol Versions Are Disallowed - 'RewriteEngine on' | CIS Apache HTTP Server 2.2 L1 v3.6.0 Middleware | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 5.9 Ensure Old HTTP Protocol Versions Are Disallowed - 'RewriteRule configuration' | CIS Apache HTTP Server 2.2 L1 v3.6.0 Middleware | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 5.9 Ensure Old HTTP Protocol Versions Are Disallowed - 'RewriteRule configuration' | CIS Apache HTTP Server 2.2 L2 v3.6.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 5.9 Ensure Old HTTP Protocol Versions Are Disallowed - 'RewriteRule configuration' | CIS Apache HTTP Server 2.2 L1 v3.6.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 5.9 Ensure Old HTTP Protocol Versions Are Disallowed - Rewrite module not loaded | CIS Apache HTTP Server 2.2 L1 v3.6.0 Middleware | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 5.9 Ensure Old HTTP Protocol Versions Are Disallowed - Rewrite module not loaded | CIS Apache HTTP Server 2.2 L1 v3.6.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 5.9 Ensure Old HTTP Protocol Versions Are Disallowed - Rewrite module not loaded | CIS Apache HTTP Server 2.2 L2 v3.6.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 6.2 Ensure a Syslog Facility Is Configured for Error Logging | CIS Apache HTTP Server 2.4 v2.2.0 L2 | Unix | AUDIT AND ACCOUNTABILITY |
| 8.3 Ensure All Default Apache Content Is Removed - 'httpd.conf Alias /icons/ /var/www/icons/ does not exists' | CIS Apache HTTP Server 2.2 L2 v3.6.0 Middleware | Unix | CONFIGURATION MANAGEMENT |
| 10.2 Restrict access to the web administration application | CIS Apache Tomcat 8 L2 v1.1.0 | Unix | ACCESS CONTROL |
| 10.8 Do not allow additional path delimiters | CIS Apache Tomcat 11 v1.0.0 L2 | Unix | CONFIGURATION MANAGEMENT |
| 10.8 Do not allow additional path delimiters | CIS Apache Tomcat 10.1 v1.1.0 L2 | Unix | CONFIGURATION MANAGEMENT |
| 10.8 Do not allow additional path delimiters - ALLOW_BACKSLASH | CIS Apache Tomcat 10 L2 v1.1.0 Middleware | Unix | CONFIGURATION MANAGEMENT |
| 18.9.69.3 (L2) Ensure 'Turn off the Store application' is set to 'Enabled' | CIS Microsoft Windows 8.1 v2.4.1 L2 | Windows | CONFIGURATION MANAGEMENT |
| 20.34 Ensure 'Manually managed application account passwords are 14 characters in length' | CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG MS | Windows | IDENTIFICATION AND AUTHENTICATION |
| 20.34 Ensure 'Manually managed application account passwords are 14 characters in length' | CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG MS | Windows | IDENTIFICATION AND AUTHENTICATION |
| 20.34 Ensure 'Manually managed application account passwords are 14 characters in length' (STIG Only) | CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DC | Windows | IDENTIFICATION AND AUTHENTICATION |
| 20.34 Ensure 'Manually managed application account passwords are 14 characters in length' (STIG Only) | CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG MS | Windows | IDENTIFICATION AND AUTHENTICATION |
| AS24-U1-000010 - The Apache web server must limit the number of allowed simultaneous session requests - KeepAlive | DISA STIG Apache Server 2.4 Unix Server v3r1 Middleware | Unix | ACCESS CONTROL |
| AS24-U1-000470 - Cookies exchanged between the Apache web server and client, such as session cookies, must have security settings that disallow cookie access outside the originating Apache web server and hosted application - httpd | DISA STIG Apache Server 2.4 Unix Server v3r1 Middleware | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| AS24-U1-000950 - The Apache web server must be configured in accordance with the security configuration settings based on DoD security configuration or implementation guidance, including STIGs, NSA configuration guides, CTOs, and DTMs. | DISA STIG Apache Server 2.4 Unix Server v3r1 | Unix | CONFIGURATION MANAGEMENT |
| AS24-U2-000960 - The Apache web server must be configured in accordance with the security configuration settings based on DoD security configuration or implementation guidance, including STIGs, NSA configuration guides, CTOs, and DTMs. | DISA STIG Apache Server 2.4 Unix Site v2r4 | Unix | CONFIGURATION MANAGEMENT |
| AS24-W1-000130 - An Apache web server, behind a load balancer or proxy server, must produce log records containing the client IP information as the source and destination and not the load balancer or proxy IP information with each event. | DISA STIG Apache Server 2.4 Windows Server v2r3 | Windows | AUDIT AND ACCOUNTABILITY |
| AS24-W1-000130 - An Apache web server, behind a load balancer or proxy server, must produce log records containing the client IP information as the source and destination and not the load balancer or proxy IP information with each event. | DISA STIG Apache Server 2.4 Windows Server v3r1 | Windows | AUDIT AND ACCOUNTABILITY |
| AS24-W1-000940 - All accounts installed with the Apache web server software and tools must have passwords assigned and default passwords changed. | DISA STIG Apache Server 2.4 Windows Server v2r3 | Windows | CONFIGURATION MANAGEMENT |
| DISA_STIG_McAfee_VSEL_1.9.x_2.0.x_Local_Client_v1r6.audit from DISA McAfee VSEL 1.9/2.0 Local Client v1r6 STIG | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Local Client v1r6 | Unix | |
| DISA_STIG_Microsoft_OneNote_2016_v1r2.audit for Microsoft OneNote 2016, from DISA STIG Microsoft OneNote 2016 v1r2 | DISA STIG Microsoft OneNote 2016 v1r2 | Windows | |
| DISA_STIG_Microsoft_Publisher_2016_v1r3.audit for Microsoft Publisher 2016, from DISA STIG Microsoft Publisher 2016 v1r3 | DISA STIG Microsoft Publisher 2016 v1r3 | Windows | |
| DISA_STIG_Microsoft_Visio_2016_v1r1.audit for Microsoft Visio 2016, from DISA STIG Microsoft Visio 2016 v1r1 | DISA STIG Microsoft Visio 2016 v1r1 | Windows | |
| DISA_STIG_Splunk_Enterprise_7.x_for_Windows_OS_v3r1.audit from DISA Splunk Enterprise 7.x for Windows v3r1 STIG | DISA STIG Splunk Enterprise 7.x for Windows v3r1 OS | Windows | |
| VCFL-67-000001 - vSphere Client must limit the amount of time that each TCP connection is kept alive. | DISA STIG VMware vSphere 6.7 Virgo Client v1r2 | Unix | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| VCFL-67-000002 - vSphere Client must limit the number of concurrent connections permitted. | DISA STIG VMware vSphere 6.7 Virgo Client v1r2 | Unix | ACCESS CONTROL |
| VCFL-67-000020 - vSphere Client must limit the number of allowed connections. | DISA STIG VMware vSphere 6.7 Virgo Client v1r2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| VCFL-67-000021 - vSphere Client must set 'URIEncoding' to UTF-8 - URIEncoding to UTF-8. | DISA STIG VMware vSphere 6.7 Virgo Client v1r2 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| WA00535 A22 - The score board file must be properly secured. | DISA STIG Apache Server 2.2 Unix v1r11 Middleware | Unix | |
| WA00535 A22 - The score board file must be properly secured. | DISA STIG Apache Server 2.2 Unix v1r11 | Unix | |
