From Web Policy STIG
Part of Change Management on production web sites.
Associated with IA controls: DCPR-1
One of the greatest potential threats to a production web server comes from allowing inadequately controlled software changes.
The intent of this control is to manage software changes for web sites on a production web server and to have in place mechanisms that prevent unauthorized and uncontrolled implementation of application code and scripts. This control does not address change management from the perspective of code changes and reviews performed by a development team at the development level. Only code and scripts that reside, or will reside, on the production web server are affected by this check.

After a development team has completed its own change management process for application code and approved code changes to a production application or script, what change management process is in place to actually deliver that code and implement it on the production web server? A process will exist to manage change from the point where code has been approved and is awaiting implementation to the point where it is actually implemented on the production web server.

A fully automated change management solution that places approved code in an access-controlled interim location, scans it for viruses, date and time stamps a record of receipt, and maintains a record of the authorized ID or service that initiated the change is preferable and would meet the requirements of this check. A manual or semi-automated process incorporating the majority of the following elements would also meet the intent of this check:

1. The code is placed in an interim location and scanned for viruses.
2. An audit entry, manual or automated, exists to date and time stamp the receipt of the code changes. This entry will also include the authorized ID (web service, program, or individual) associated with the change process.
3. Access control mechanisms are placed on the interim location so that only authorized personnel, programs, or services may access, write to, or read from that location.
4. The delivery of the code to the interim location is through a secured channel.
5. The delivery of the code from the interim location to the production web server is through a secure channel.
6. Direct implementation of code on the production web server by developers or code authors is prohibited. Only SAs, web administrators, or authorized and secured services or programs may implement the code on the production web server.

If change management to the production web server is governed by an MOU or an SLA, the majority of the elements listed above must still be addressed within those documents. Assurances will be provided by the application owners to the hosting administration. These assurances will be made available to an authorized reviewer. If a majority of the elements listed above are not a part of the change management process, this is a finding.

NOTE: The future direction of this requirement is to require that all elements must be satisfied and not just a majority.
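As an added example that is not part of the STIG text, the following Python script sketches a minimal semi-automated gate covering elements 1, 2, 3, 5 and 6: an access-controlled interim (staging) location, a malware scan on receipt, a time-stamped audit record naming the initiating ID, an integrity check before delivery to the production web root, and a role check so that developers cannot implement code directly. The scanner is a constructed stand-in (it flags a constructed marker string) and would be replaced by a call to the site's approved scanner; the secure channel of elements 4 and 5 is assumed to be provided by the transport (for example the SSH session) that invokes the script and is not shown. All paths, role names and file contents are constructed for the demo.

```python
import hashlib
import json
import os
import shutil
import stat
import tempfile
from datetime import datetime, timezone
from pathlib import Path

# Element 6: only these (constructed) roles may implement code on production.
IMPLEMENTER_ROLES = {"sa", "web_admin", "deploy_service"}

# Constructed stand-in for the malware scan of element 1: swap in a call to the
# site's approved scanner. Flags any file containing this constructed marker.
CONSTRUCTED_MALWARE_MARKER = b"CONSTRUCTED-MALWARE-MARKER"


def stand_in_scanner(path):
    """Return True when the file is clean (constructed heuristic, not real AV)."""
    return CONSTRUCTED_MALWARE_MARKER not in path.read_bytes()


def sha256_of(path):
    return hashlib.sha256(path.read_bytes()).hexdigest()


def record_audit(log_path, event, **fields):
    """Element 2: append a UTC time-stamped JSON line naming the initiating ID."""
    entry = {"time": datetime.now(timezone.utc).isoformat(), "event": event, **fields}
    with log_path.open("a") as fh:
        fh.write(json.dumps(entry) + "\n")
    return entry


def staging_is_locked_down(staging):
    """Element 3: the interim location allows no group write and no world access."""
    mode = stat.S_IMODE(staging.stat().st_mode)
    return mode & (stat.S_IWGRP | stat.S_IRWXO) == 0


def receive_change(staging, name, content, initiator, log_path, scanner=stand_in_scanner):
    """Elements 1-3: land approved code in the interim location, scan it, log receipt."""
    if not staging_is_locked_down(staging):
        raise PermissionError("interim location is not access controlled")
    target = staging / name
    target.write_bytes(content)
    if not scanner(target):
        target.unlink()  # never leave a flagged file in the interim location
        record_audit(log_path, "receipt_rejected", file=name, initiator=initiator)
        raise ValueError(f"{name} failed malware scan")
    digest = sha256_of(target)
    record_audit(log_path, "receipt", file=name, initiator=initiator, sha256=digest)
    return digest


def promote(staging, prod, name, expected_sha256, implementer, role, log_path,
            scanner=stand_in_scanner):
    """Elements 5-6: deliver code from the interim location to the production web root."""
    if role not in IMPLEMENTER_ROLES:
        record_audit(log_path, "promotion_denied", file=name, implementer=implementer, role=role)
        raise PermissionError(f"role {role!r} may not implement code on production")
    if not staging_is_locked_down(staging):
        raise PermissionError("interim location is not access controlled")
    source = staging / name
    # The bytes delivered must be exactly the bytes that were received and scanned.
    if sha256_of(source) != expected_sha256 or not scanner(source):
        record_audit(log_path, "promotion_rejected", file=name, implementer=implementer)
        raise ValueError(f"{name} changed or failed scan since receipt")
    dest = prod / name
    shutil.copy2(source, dest)
    record_audit(log_path, "promotion", file=name, implementer=implementer, role=role,
                 sha256=expected_sha256)
    return dest


def read_audit(log_path):
    return [json.loads(line) for line in log_path.read_text().splitlines() if line]


def run_demo():
    """Exercise the gate on constructed input and report what happened."""
    tmp = Path(tempfile.mkdtemp())
    staging, prod, log = tmp / "staging", tmp / "htdocs", tmp / "change.log"
    staging.mkdir()
    os.chmod(staging, 0o750)  # mkdir's mode is subject to umask, so set it explicitly
    prod.mkdir()
    result = {}
    digest = receive_change(staging, "index.php", b"<?php echo 'ok'; ?>\n", "svc-deploy", log)
    try:  # a developer may not push to production directly (element 6)
        promote(staging, prod, "index.php", digest, "dev1", "developer", log)
        result["developer_denied"] = False
    except PermissionError:
        result["developer_denied"] = True
    promote(staging, prod, "index.php", digest, "admin1", "web_admin", log)
    result["promoted"] = (prod / "index.php").read_bytes() == (staging / "index.php").read_bytes()
    try:  # a file that fails the scan never stays in the interim location (element 1)
        receive_change(staging, "bad.php", CONSTRUCTED_MALWARE_MARKER, "svc-deploy", log)
        result["malware_rejected"] = False
    except ValueError:
        result["malware_rejected"] = not (staging / "bad.php").exists()
    os.chmod(staging, 0o777)  # loosening the interim location blocks further delivery (element 3)
    try:
        promote(staging, prod, "index.php", digest, "admin1", "web_admin", log)
        result["open_staging_rejected"] = False
    except PermissionError:
        result["open_staging_rejected"] = True
    result["events"] = [e["event"] for e in read_audit(log)]
    shutil.rmtree(tmp)
    return result
```

Running `run_demo()` walks one approved change through receipt and promotion, then shows the three refusals a reviewer would expect to see in the audit trail or the exit status: a developer attempting direct implementation, a file that fails the scan, and an interim location whose permissions have been loosened. The audit log is append-only JSON lines so that each receipt and promotion carries its timestamp, the initiating ID and the hash of the delivered bytes.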
Ensure that a process is in place to control change on a production web site.