STIGhubSTIGhub
STIGsRMF ControlsCompare

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

  • Browse STIGs
  • Search
  • RMF Controls
  • Compare Versions

Resources

  • About
  • Release Notes
  • VPAT
  • DISA STIG Library
STIGs updated 3 hours ago
Powered by Pylon
© 2026 Beacon Cloud Solutions, Inc. All rights reserved.
← Back to VMware vRealize Automation 7.x Lighttpd Security Technical Implementation Guide

V-240266

CAT II (Medium)

Lighttpd must not be configured to listen to unnecessary ports.

Rule ID

SV-240266r879756_rule

STIG

VMware vRealize Automation 7.x Lighttpd Security Technical Implementation Guide

Version

V1R2

CCIs

CCI-001762

Discussion

Web servers must provide the capability to disable or deactivate network-related services that are deemed to be non-essential to the server mission, are too unsecure, or are prohibited by the PPSM CAL and vulnerability assessments. Lighttpd will listen on ports that are specified with the server.port configuration parameter. Lighttpd listens to port 5480 to provide remote access to the Virtual Appliance Management Interface (vAMI). Lighttpd must not be configured to listen to any other port.

Check Content

At the command prompt, execute the following command: 

cat /opt/vmware/etc/lighttpd/lighttpd.conf | awk '$0 ~ /server\.port/ { print }'  

If any value returned other than "server.port=5480", this is a finding.

Fix Text

Navigate to and open /opt/vmware/etc/lighttpd/lighttpd.conf

Note: Do not delete the entry for "server.port=5480"

Delete all other server.port entries.