STIGhubSTIGhub
STIGsRMF ControlsCompare

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

  • Browse STIGs
  • Search
  • RMF Controls
  • Compare Versions

Resources

  • About
  • Release Notes
  • VPAT
  • DISA STIG Library
STIGs updated 3 hours ago
Powered by Pylon
© 2026 Beacon Cloud Solutions, Inc. All rights reserved.
← Back to Xylok Security Suite 20.x Security Technical Implementation Guide

V-269580

CAT II (Medium)

The Xylok Security Suite configuration for DEBUG must be False.

Rule ID

SV-269580r1053515_rule

STIG

Xylok Security Suite 20.x Security Technical Implementation Guide

Version

V1R2

CCIs

CCI-001312

Discussion

Providing too much information in error messages risks compromising the data and security of the Xylok Security Suite and system. If DEBUG is set to True, it will show stack traces in error messages to assist with contact Xylok Support, but potentially reveal secure information.

Check Content

Verify DEBUG is configured. Execute the following:
$ grep DEBUG /etc/xylok.conf

DEBUG=False

If "DEBUG" is not set to False or is missing, this is a finding.

Fix Text

Set DEBUG:

1. As root, open /etc/xylok.conf in a text editor.

2. Add/Amend "DEBUG=False" to the configuration file.

3. Restart Xylok to apply settings by executing the following:
    # systemctl restart xylok