Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
Lighttpd must generate log records for system startup and shutdown.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-240219 | VRAU-LI-000035 | SV-240219r879559_rule | Medium |
| Description |
|---|
| Log records can be generated from various components within the web server (e.g., httpd, plug-ins to external backends, etc.). From a web server perspective, certain specific web server functionalities may be logged as well. Lighttpd records system event information in the error.log file. Included in the file is system start and stop events. |
| STIG | Date |
|---|---|
| VMware vRealize Automation 7.x Lighttpd Security Technical Implementation Guide | 2023-09-12 |
Details
| Check Text ( C-43452r667832_chk ) |
|---|
| At the command prompt, execute the following command: egrep 'server\sstarted|server\sstopped' /opt/vmware/var/log/lighttpd/error.log If server stopped and server started times are not listed, this is a finding. |
| Fix Text (F-43411r667833_fix) |
|---|
| Navigate to and open /opt/vmware/etc/lighttpd/lighttpd.conf Configure the "lighttpd.conf" file with the following: server.errorlog = log_root + "/error.log" |