An Apache web server that is part of a web server cluster must route all remote management through a centrally managed access control point.

From Apache Server 2.4 Windows Server Security Technical Implementation Guide

Associated with: CCI-001844

AS24-W1-000700_rule An Apache web server that is part of a web server cluster must route all remote management through a centrally managed access control point.

Vulnerability discussion

A web server cluster is a group of independent Apache web servers that are managed as a single system for higher availability, easier manageability, and greater scalability. Without having centralized control of the web server cluster, management of the cluster becomes difficult. It is critical that remote management of the cluster be done through a designated management system acting as a single access point.

Check content

Review the <'INSTALL PATH'>\conf\httpd.conf file. Verify the "mod_proxy" is loaded. If it does not exist, this is a finding. If the "mod_proxy" module is loaded and the "ProxyPass" directive is not configured, this is a finding.

Fix text

Edit the <'INSTALL PATH'>\conf\httpd.conf file and load the "mod_proxy" module. Set the "ProxyPass" directive. Restart the Apache service.

Pro Tips

Lavender hyperlinks in small type off to the right (of CSS class id, if you view the page source) point to globally unique URIs for each document and item. Copy the link location and paste anywhere you need to talk unambiguously about these things.

You can obtain data about documents and items in other formats. Simply provide an HTTP header Accept: text/turtle or Accept: application/rdf+xml.