Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
The Apache web server must be tuned to handle the operational requirements of the hosted application.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-214354 | AS24-W1-000830 | SV-214354r879806_rule | Medium |
| Description |
|---|
| A denial of service (DoS) can occur when the Apache web server is so overwhelmed that it can no longer respond to additional requests. A web server not properly tuned may become overwhelmed and cause a DoS condition even with expected traffic from users. To avoid a DoS, the Apache web server must be tuned to handle the expected traffic for the hosted applications. |
| STIG | Date |
|---|---|
| Apache Server 2.4 Windows Server Security Technical Implementation Guide | 2022-12-14 |
Details
| Check Text ( C-15566r277565_chk ) |
|---|
| Verify the "Timeout" directive is specified in the Apache configuration files to have a value of "10" seconds or less. If the "Timeout" directive is not configured or set for more than "10" seconds, this is a finding. |
| Fix Text (F-15564r277566_fix) |
|---|
| Add or modify the "Timeout" directive in the Apache configuration to have a value of "10" seconds or less. "Timeout 10" Restart the Apache service. |