OHS must have the LoadModule proxy_ftp_module directive disabled.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-221399 | OH12-1X-000152 | SV-221399r879587_rule | Medium |
| Description |
|---|
| A web server should be primarily a web server or a proxy server but not both, for the same reasons that other multi-use servers are not recommended. Scanning for web servers that will also proxy requests into an otherwise protected network is a very common attack making the attack anonymous. |
| STIG | Date |
|---|---|
| Oracle HTTP Server 12.1.3 Security Technical Implementation Guide | 2022-12-09 |
Details
| Check Text ( C-23114r414880_chk ) |
|---|
| 1. Open $DOMAIN_HOME/config/fmwconfig/components/OHS/ 2. Search for the "LoadModule proxy_ftp_module" directive at the OHS server configuration scope. 3. If the directive exists and is not commented out, this is a finding. |
| Fix Text (F-23103r414881_fix) |
|---|
| 1. Open $DOMAIN_HOME/config/fmwconfig/components/OHS/ 2. Search for the "LoadModule proxy_ftp_module" directive at the OHS server configuration scope. 3. Comment out the "LoadModule proxy_ftp_module" directive if it exists. |