2.2.10 Ensure HTTP server is not enabled (Scored)

Level 1 - Server
Level 1 - Workstation 

HTTP or web servers provide the ability to host web site content.

Unless there is a need to run the system as a web server, it is recommended that the package be deleted to reduce the potential attack surface.

Run the following commands to verify apache2 is not enabled:

# systemctl is-enabled apache2

Verify result is not “enabled”.

Run the following command to disable apache2:

# systemctl disable apache2
  • ubuntu1604/2/2/10.txt
  • Last modified: 2017/05/02 11:44
  • by Piotr Kłoczewski