STIGhubSTIGhub
STIGsSearchCompareAbout

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

  • Browse STIGs
  • Search
  • Compare Versions

Resources

  • About
  • VPAT
  • DISA STIG Library
STIGs updated 2 hours ago
Powered by Pylon
© 2026 Beacon Cloud Solutions, Inc. All rights reserved.
← Back to Web Server Security Requirements Guide

V-264341

CAT II (Medium)

The web server must automatically generate audit records of the enforcement actions.

Rule ID

SV-264341r984368_rule

STIG

Web Server Security Requirements Guide

Version

V4R4

CCIs

CCI-003938

Discussion

Organizations log system accesses associated with applying configuration changes to ensure that configuration change control is implemented and to support after-the-fact actions should organizations discover any unauthorized changes.

Check Content

Verify the web server is configured to automatically generate audit records of the enforcement actions.

If the web server is not configured to automatically generate audit records of the enforcement actions, this is a finding.

Fix Text

Configure the web server to automatically generate audit records of the enforcement actions.