Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
The OHS htdocs directory must not contain any default files.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-64641 | OH12-1X-000201 | SV-79131r1_rule | Medium |
| Description |
|---|
| Default files from the OHS installation should not be part of the htdocs directory. These files are not always patched or supported and may become an attacker vector in the future. |
| STIG | Date |
|---|---|
| Oracle HTTP Server 12.1.3 Security Technical Implementation Guide | 2020-06-12 |
Details
| Check Text ( C-65383r1_chk ) |
|---|
| 1. cd $DOMAIN_HOME/config/fmwconfig/components/OHS/instances/ohs1/htdocs 2. Check for the existence of the OracleHTTPServer12c_files directory (e.g., ls). 3. If there is an OracleHTTPServer12c_files directory exists, this is a finding. |
| Fix Text (F-70571r1_fix) |
|---|
| 1. cd $DOMAIN_HOME/config/fmwconfig/components/OHS/instances/ohs1/htdocs 2. rm –rf OracleHTTPServer12c_files. |