| AS24-U1-000260 - The Apache web server must not be a proxy server - ProxyRequest | DISA STIG Apache Server 2.4 Unix Server v3r2 Middleware | Unix | CONFIGURATION MANAGEMENT |
| AS24-U1-000270 - The Apache web server must provide install options to exclude the installation of documentation, sample code, example applications, and tutorials - Welcome page | DISA STIG Apache Server 2.4 Unix Server v3r2 Middleware | Unix | CONFIGURATION MANAGEMENT |
| AS24-U1-000270 - The Apache web server must provide install options to exclude the installation of documentation, sample code, example applications, and tutorials. | DISA STIG Apache Server 2.4 Unix Server v3r2 | Unix | CONFIGURATION MANAGEMENT |
| AS24-U1-000670 - The Apache web server must restrict inbound connections from nonsecure zones. | DISA STIG Apache Server 2.4 Unix Server v3r2 | Unix | ACCESS CONTROL |
| AS24-U2-000390 - Only authenticated system administrators or the designated PKI Sponsor for the Apache web server must have access to the Apache web servers private key. | DISA STIG Apache Server 2.4 Unix Site v2r6 | Unix | IDENTIFICATION AND AUTHENTICATION |
| AS24-U2-000390 - Only authenticated system administrators or the designated PKI Sponsor for the Apache web server must have access to the Apache web servers private key. | DISA STIG Apache Server 2.4 Unix Site v2r6 Middleware | Unix | IDENTIFICATION AND AUTHENTICATION |
| AS24-U2-000780 - The Apache web server application, libraries, and configuration files must only be accessible to privileged users. | DISA STIG Apache Server 2.4 Unix Site v2r6 Middleware | Unix | CONFIGURATION MANAGEMENT |
| AS24-W1-000260 - The Apache web server must not be a proxy server. | DISA STIG Apache Server 2.4 Windows Server v2r3 | Windows | CONFIGURATION MANAGEMENT |
| AS24-W1-000260 - The Apache web server must not be a proxy server. | DISA STIG Apache Server 2.4 Windows Server v3r3 | Windows | CONFIGURATION MANAGEMENT |
| AS24-W1-000670 - The Apache web server must restrict inbound connections from nonsecure zones. | DISA STIG Apache Server 2.4 Windows Server v3r3 | Windows | ACCESS CONTROL |
| AS24-W1-000820 - The Apache web server must be protected from being stopped by a non-privileged user. | DISA STIG Apache Server 2.4 Windows Server v3r3 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| EX13-CA-000035 - Exchange ActiveSync (EAS) must only use certificate-based authentication to access email - ClientCertAuth | DISA Microsoft Exchange 2013 Client Access Server STIG v2r2 | Windows | ACCESS CONTROL |
| IIST-SV-000130 - Java software installed on a production IIS 10.0 web server must be limited to .class files and the Java Virtual Machine. | DISA IIS 10.0 Server v2r10 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| IISW-SV-000130 - Java software installed on a production IIS 8.5 web server must be limited to .class files and the Java Virtual Machine. | DISA IIS 8.5 Server v2r7 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| OH12-1X-000033 - OHS must have the Order, Allow, and Deny directives set within the Location directives set to restrict inbound connections from nonsecure zones. | DISA STIG Oracle HTTP Server 12.1.3 v2r3 | Unix | ACCESS CONTROL |
| OH12-1X-000042 - OHS must have a log directory location defined to generate log records for system startup and shutdown, system access, and system authentication logging. | DISA STIG Oracle HTTP Server 12.1.3 v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
| OH12-1X-000046 - OHS must have a SSL log format defined to generate adequate logs by system startup and shutdown, system access, and system authentication events. | DISA STIG Oracle HTTP Server 12.1.3 v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
| OH12-1X-000093 - OHS must have the LoadModule file_cache_module directive disabled. | DISA STIG Oracle HTTP Server 12.1.3 v2r3 | Unix | CONFIGURATION MANAGEMENT |
| OH12-1X-000094 - OHS must have the LoadModule vhost_alias_module directive disabled. | DISA STIG Oracle HTTP Server 12.1.3 v2r3 | Unix | CONFIGURATION MANAGEMENT |
| OH12-1X-000095 - OHS must have the LoadModule env_module directive disabled. | DISA STIG Oracle HTTP Server 12.1.3 v2r3 | Unix | CONFIGURATION MANAGEMENT |
| OH12-1X-000096 - OHS must have the LoadModule mime_magic_module directive disabled. | DISA STIG Oracle HTTP Server 12.1.3 v2r3 | Unix | CONFIGURATION MANAGEMENT |
| OH12-1X-000098 - OHS must not have the LanguagePriority directive enabled. | DISA STIG Oracle HTTP Server 12.1.3 v2r3 | Unix | CONFIGURATION MANAGEMENT |
| OH12-1X-000104 - OHS must have the IndexOptions directive disabled. | DISA STIG Oracle HTTP Server 12.1.3 v2r3 | Unix | CONFIGURATION MANAGEMENT |
| OH12-1X-000105 - OHS must have the AddIconByEncoding directive disabled. | DISA STIG Oracle HTTP Server 12.1.3 v2r3 | Unix | CONFIGURATION MANAGEMENT |
| OH12-1X-000107 - OHS must have the AddIcon directive disabled - OHS must have the AddIcon directive disabled. | DISA STIG Oracle HTTP Server 12.1.3 v2r3 | Unix | CONFIGURATION MANAGEMENT |
| OH12-1X-000109 - OHS must have the ReadmeName directive disabled. | DISA STIG Oracle HTTP Server 12.1.3 v2r3 | Unix | CONFIGURATION MANAGEMENT |
| OH12-1X-000114 - OHS must have the LoadModule cgi_module directive disabled - autoindex_module | DISA STIG Oracle HTTP Server 12.1.3 v2r3 | Unix | CONFIGURATION MANAGEMENT |
| OH12-1X-000114 - OHS must have the LoadModule cgi_module directive disabled - mpm_prefork_module | DISA STIG Oracle HTTP Server 12.1.3 v2r3 | Unix | CONFIGURATION MANAGEMENT |
| OH12-1X-000120 - OHS must have the ScriptSock directive disabled - ScriptSock | DISA STIG Oracle HTTP Server 12.1.3 v2r3 | Unix | CONFIGURATION MANAGEMENT |
| OH12-1X-000125 - OHS must have the LoadModule actions_module directive disabled. | DISA STIG Oracle HTTP Server 12.1.3 v2r3 | Unix | CONFIGURATION MANAGEMENT |
| OH12-1X-000127 - OHS must have the LoadModule userdir_module directive disabled. | DISA STIG Oracle HTTP Server 12.1.3 v2r3 | Unix | CONFIGURATION MANAGEMENT |
| OH12-1X-000128 - OHS must have the AliasMatch directive pertaining to the OHS manuals disabled. | DISA STIG Oracle HTTP Server 12.1.3 v2r3 | Unix | CONFIGURATION MANAGEMENT |
| OH12-1X-000132 - OHS must have the LoadModule authn_file_module directive disabled. | DISA STIG Oracle HTTP Server 12.1.3 v2r3 | Unix | CONFIGURATION MANAGEMENT |
| OH12-1X-000134 - OHS must have the LoadModule proxy_module directive disabled. | DISA STIG Oracle HTTP Server 12.1.3 v2r3 | Unix | CONFIGURATION MANAGEMENT |
| OH12-1X-000144 - OHS must have the BrowserMatch directive disabled - BrowserMatch | DISA STIG Oracle HTTP Server 12.1.3 v2r3 | Unix | CONFIGURATION MANAGEMENT |
| OH12-1X-000144 - OHS must have the BrowserMatch directive disabled - dir_module | DISA STIG Oracle HTTP Server 12.1.3 v2r3 | Unix | CONFIGURATION MANAGEMENT |
| OH12-1X-000153 - OHS must have the LoadModule proxy_connect_module directive disabled. | DISA STIG Oracle HTTP Server 12.1.3 v2r3 | Unix | CONFIGURATION MANAGEMENT |
| OH12-1X-000310 - OHS must have the SSLEngine, SSLProtocol, SSLWallet directives enabled and configured to prevent unauthorized disclosure of information during transmission - SSLWallet | DISA STIG Oracle HTTP Server 12.1.3 v2r3 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| SHPT-00-000682 - The Online Web Part Gallery must be configured for limited access. | DISA STIG SharePoint 2010 v1r9 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| VCEM-67-000026 - ESX Agent Manager must have the debug option turned off. | DISA STIG VMware vSphere 6.7 EAM Tomcat v1r4 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| VCFL-67-000026 - vSphere Client must have the debug option turned off. | DISA STIG VMware vSphere 6.7 Virgo Client v1r2 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| VCLD-67-000025 - VAMI must protect the keystore from unauthorized access. | DISA STIG VMware vSphere 6.7 VAMI-lighttpd v1r3 | Unix | IDENTIFICATION AND AUTHENTICATION |
| VCPF-70-000028 - Performance Charts must have the debug option turned off. | DISA STIG VMware vSphere 7.0 Perfcharts Tomcat v1r1 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| VCST-67-000026 - The Security Token Service must have the debug option disabled. | DISA STIG VMware vSphere 6.7 STS Tomcat v1r3 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| VCUI-70-000027 - vSphere UI must have the debug option turned off. | DISA STIG VMware vSphere 7.0 vCA UI v1r2 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| WG190 A22 - Web server software must be a vendor-supported version. | DISA STIG Apache Server 2.2 Unix v1r11 Middleware | Unix | |
| WG242 IIS6 - Log file data must contain required data elements. - 'Logging Enabled' | DISA STIG IIS 6.0 Site Checklist v6r16 | Windows | AUDIT AND ACCOUNTABILITY |
| WG290 A22 - Web client access to the content directories must be restricted to read and execute - alias | DISA STIG Apache Site 2.2 Unix v1r11 Middleware | Unix | CONFIGURATION MANAGEMENT |
| WG490 A22 - Java software on production web servers must be limited to class files and the JAVA virtual machine - cgi-bin | DISA STIG Apache Site 2.2 Unix v1r11 Middleware | Unix | CONFIGURATION MANAGEMENT |
| WG490 W22 - Java software on production web servers must be limited to class files and the JAVA virtual machine. - 'Alias - *.jpp' | DISA STIG Apache Site 2.2 Windows v1r13 | Windows | CONFIGURATION MANAGEMENT |
