| VID |
14065 |
| Severity |
40 |
| Port |
22 |
| Protocol |
TCP |
| Class |
LSC |
| Detailed Description |
The host system's Apache web service area is not separated. for web server's security server's deamons and contexts should be installed on separate harddisk's partition. Web contents are usually installed on 'DocumentRoot' which is the form of Apache's sub directory where all web contents will be stored. so It is recommended that this directory use separate harddisk's partition or hard drives which is different from Web server's root. that will make attackers more difficult to hack the web server.
* Platforms Affected:
UNIX, Linux |
| Recommendation |
Separate the Apache web service area as the following
# vi httpd.conf
Document Root "usr/local/apache/htdocs" <- Change Apache default path
#Document Root "/usr/local/apache/htdocs "
Document Root "/usr/local/www" |
| Related URL |
(CVE) |
| Related URL |
(SecurityFocus) |
| Related URL |
(ISS) |
|
