New Apache compliance audit policy
Tenable's research team has released a Nessus 3 audit policy file which can be used to audit the configuration of Apache web servers running on various UNIX platforms. The policy can be customized to your specific Apache distribution. It can audit many aspects of the httpd.conf file. For example, it has the ability to easily automate testing for which user the httpd process is running under, which ports it is bound to and what log format should be enabled. Since the actual configuration file is used, Nessus can perform this analysis even when the Apache server isn't running.
At the Tenable blog.
[ Read more ]
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.