Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-2250 | WG240 | SV-2250r6_rule | ECAT-1 ECAT-2 | Medium |
Description |
---|
The access and error logs are a major tool for exploring web site use, attempted use, unusual conditions, and problems. In the event of a security incident, these logs can provide the SA and the web manager with valuable information. Without these log files, SAs and web managers are seriously hindered in their efforts to respond appropriately to suspicious or criminal actions targeted at the web site. |
STIG | Date |
---|---|
Web Server STIG | 2010-10-07 |
Check Text (C-29928r1_chk) |
---|
This check is concerned with verifying the existence and the maintenance of web server log files. Query the SA to determine what process, based on policy, governs the collection, maintenance, and retention of web server logs. The reviewer should look at any local governing policies and processes to ascertain policy compliance by inspecting the log files and reviewing configuration settings. The reviewer should check the following: 1. The frequency of backups for the web server log files. 2. The method of log file collection, such as transmission to a central repository. 3. Event handling when the log files are full. Inspect the log files, as follows: Do the logs indicate contiguous time stamps? Do there appear to be any breaks in reporting times that may indicate any kind of problem reporting or logging events? If web log files are not being maintained, this is a finding. |
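
The time stamp inspection described in the check text can be scripted. The following is an added example, not part of the STIG: it assumes Common/Combined Log Format time stamps, and the function name, the 30-minute gap threshold, the 60-second ordering tolerance and the sample lines are illustrative assumptions.

```python
import re
from datetime import datetime, timedelta

# Assumption: logs use the Common/Combined Log Format time field,
# e.g. [07/Oct/2010:09:00:01 -0400]; month names need the C/English locale.
TS_RE = re.compile(r"\[(\d{2}/[A-Za-z]{3}/\d{4}:\d{2}:\d{2}:\d{2} [+-]\d{4})\]")
TS_FMT = "%d/%b/%Y:%H:%M:%S %z"

# Constructed sample access-log lines (not taken from a real server).
SAMPLE = """\
192.0.2.10 - - [07/Oct/2010:09:00:01 -0400] "GET / HTTP/1.1" 200 512
192.0.2.11 - - [07/Oct/2010:09:04:30 -0400] "GET /a HTTP/1.1" 200 99
192.0.2.10 - - [07/Oct/2010:09:04:28 -0400] "GET /b HTTP/1.1" 404 0
192.0.2.12 - - [07/Oct/2010:13:10:00 -0400] "GET / HTTP/1.1" 200 512
garbage line without a timestamp
192.0.2.12 - - [07/Oct/2010:08:00:00 -0400] "GET /c HTTP/1.1" 200 7
""".splitlines()

def find_log_gaps(lines, max_gap=timedelta(minutes=30),
                  max_skew=timedelta(seconds=60)):
    """Return (gaps, out_of_order, unparsed) for an iterable of log lines."""
    gaps, out_of_order, unparsed = [], [], []
    prev = None
    for line_no, line in enumerate(lines, start=1):
        m = TS_RE.search(line)
        try:
            ts = datetime.strptime(m.group(1), TS_FMT) if m else None
        except ValueError:          # matched the pattern but is not a real date
            ts = None
        if ts is None:
            unparsed.append(line_no)
            continue
        if prev is not None:
            delta = ts - prev       # timezone-aware, so offset changes are handled
            if delta < -max_skew:   # time runs backwards beyond normal jitter
                out_of_order.append((line_no, prev, ts))
            elif delta > max_gap:   # break in reporting times
                gaps.append((prev, ts, delta))
        prev = ts
    return gaps, out_of_order, unparsed

if __name__ == "__main__":
    gaps, out_of_order, unparsed = find_log_gaps(SAMPLE)
    for start, end, delta in gaps:
        print(f"gap of {delta} between {start} and {end}")
    for line_no, before, ts in out_of_order:
        print(f"line {line_no}: {ts} is earlier than preceding {before}")
    print("lines without a parsable time stamp:", unparsed)
```

A reported gap is a lead for the reviewer, not a finding by itself: compare it against expected traffic, log rotation times and maintenance windows before concluding that logging was interrupted.
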
Fix Text (F-13115r1_fix) |
---|
Configure the web server to maintain web server logs for both access and errors. |