|Finding ID||Version||Rule ID||IA Controls||Severity|
|APACHE SITE 2.0 for Windows||2011-12-12|
|Check Text ( C-35736r1_chk )|
| To preclude access to the servers root directory, ensure the following directive is in the httpd.conf file. This entry will also stop users from setting up .htaccess files which can override security features configured in httpd.conf. |
If the AllowOverride None is not set, this is a finding.
|Fix Text (F-30977r1_fix)|
|Enter the statement above into httpd.conf file for all web site root directories.|