OHS must have the RewriteLog directive set properly.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-64651	OH12-1X-000206	SV-79141r1_rule		Low

Description
Specifying where the log files are written gives the system administrator the capability to store the files in a location other than the default, with system files or in a globally accessible location. The system administrator can also specify a location that is accessible by any enterprise tools that may use the logged data to give a picture of the overall enterprise security posture. If a file is not specified, OHS will still generate the log data, but it is not written and therefore, cannot be used to monitor the system or for forensic analysis.

Description

Specifying where the log files are written gives the system administrator the capability to store the files in a location other than the default, with system files or in a globally accessible location. The system administrator can also specify a location that is accessible by any enterprise tools that may use the logged data to give a picture of the overall enterprise security posture. If a file is not specified, OHS will still generate the log data, but it is not written and therefore, cannot be used to monitor the system or for forensic analysis.

STIG	Date
Oracle HTTP Server 12.1.3 Security Technical Implementation Guide	2019-01-04

Details

Check Text ( C-65393r1_chk )
1. As required, open $DOMAIN_HOME/config/fmwconfig/components/OHS//httpd.conf and every .conf file (e.g., ssl.conf) included in it with an editor that contains a "" directive. 2. Search for the "RewriteLog" directive at the OHS server and virtual host configuration scopes. 3. If the directive is omitted or set improperly, this is a finding unless inherited from a larger scope. 4. Validate that the folder specified exists. If the folder does not exist, this is a finding.

Check Text ( C-65393r1_chk )

1. As required, open $DOMAIN_HOME/config/fmwconfig/components/OHS//httpd.conf and every .conf file (e.g., ssl.conf) included in it with an editor that contains a "" directive.

2. Search for the "RewriteLog" directive at the OHS server and virtual host configuration scopes.

3. If the directive is omitted or set improperly, this is a finding unless inherited from a larger scope.

4. Validate that the folder specified exists. If the folder does not exist, this is a finding.

Fix Text (F-70581r1_fix)
1. As required, open $DOMAIN_HOME/config/fmwconfig/components/OHS//httpd.conf and every .conf file (e.g., ssl.conf) included in it with an editor that contains a "" directive. 2. Search for the "RewriteLog" directive at the OHS server and virtual host configuration scopes. 3. Set the "RewriteLog" directive to the same location as the "CustomLog" directive; add the directive if it does not exist unless inherited from a larger scope.

Fix Text (F-70581r1_fix)

1. As required, open $DOMAIN_HOME/config/fmwconfig/components/OHS//httpd.conf and every .conf file (e.g., ssl.conf) included in it with an editor that contains a "" directive.

2. Search for the "RewriteLog" directive at the OHS server and virtual host configuration scopes.

3. Set the "RewriteLog" directive to the same location as the "CustomLog" directive; add the directive if it does not exist unless inherited from a larger scope.