STIGhubSTIGhub
STIGsRMF ControlsCompare

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

  • Browse STIGs
  • Search
  • RMF Controls
  • Compare Versions

Resources

  • About
  • Release Notes
  • VPAT
  • DISA STIG Library
STIGs updated 3 hours ago
Powered by Pylon
© 2026 Beacon Cloud Solutions, Inc. All rights reserved.
← Back to VMW vRealize Automation 7.x HA Proxy Security Technical Implementation Guide

V-240081

CAT II (Medium)

HAProxy psql-local frontend must be bound to port 5433.

Rule ID

SV-240081r879756_rule

STIG

VMW vRealize Automation 7.x HA Proxy Security Technical Implementation Guide

Version

V1R2

CCIs

CCI-001762

Discussion

Web servers provide numerous processes, features, and functionalities that utilize TCP/IP ports. Some of these processes may be deemed unnecessary or too unsecure to run on a production system. The HAProxy load balancer in the vRA appliance listens to port 5433 on behalf of the PostgreSQL service.

Check Content

At the command prompt, execute the following command:
 
grep 'bind' /etc/haproxy/conf.d/10-psql.cfg
 
If the value for bind is not set to 5433, this is a finding.

Fix Text

Navigate to and open /etc/haproxy/conf.d/10-psql.cfg

Navigate to and configure the "frontend psql-local" section with the following value:  

bind 127.0.0.1:5433