2.2.10 Ensure HTTP server is not enabled (Scored)

Level 1 - Server
Level 1 - Workstation 

HTTP or web servers provide the ability to host web site content.

Unless there is a need to run the system as a web server, it is recommended that the package be deleted to reduce the potential attack surface.

Run the following commands to verify httpd is not enabled:

# systemctl is-enabled httpd

Verify result is not “enabled”.

Run the following command to disable httpd:

# systemctl disable httpd
  • centos7/2/2/10.txt
  • Last modified: 2017/05/04 16:48
  • by Piotr Kłoczewski