Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
Debugging and trace information used to diagnose the IIS 10.0 website must be disabled.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-218761 | IIST-SI-000234 | SV-218761r558649_rule | Medium |
| Description |
|---|
| Setting compilation debug to false ensures detailed error information does not inadvertently display during live application usage, mitigating the risk of application information being displayed to users. |
| STIG | Date |
|---|---|
| Microsoft IIS 10.0 Site Security Technical Implementation Guide | 2021-12-28 |
Details
| Check Text ( C-20234r311181_chk ) |
|---|
| Note: If the ".NET feature" is not installed, this check is Not Applicable. Follow the procedures below for each site hosted on the IIS 10.0 web server: Open the IIS 10.0 Manager. Click the site name under review. Double-click ".NET Compilation". Scroll down to the "Behavior" section and verify the value for "Debug" is set to "False". If the "Debug" value is not set to "False", this is a finding. |
| Fix Text (F-20232r311182_fix) |
|---|
| Follow the procedures below for each site hosted on the IIS 10.0 web server: Open the IIS 10.0 Manager. Click the site name under review. Double-click ".NET Compilation". Scroll down to the "Behavior" section and set the value for "Debug" to "False". |