STIGhubSTIGhub
STIGsSearchCompareAbout

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

  • Browse STIGs
  • Search
  • Compare Versions

Resources

  • About
  • VPAT
  • DISA STIG Library
STIGs updated 2 hours ago
Powered by Pylon
© 2026 Beacon Cloud Solutions, Inc. All rights reserved.
← Back to Web Server Security Requirements Guide

V-279029

CAT I (High)

The web server must be a version supported by the vendor.

Rule ID

SV-279029r1138083_rule

STIG

Web Server Security Requirements Guide

Version

V4R4

CCIs

CCI-003376

Discussion

Unsupported software and systems should not be used because fixes to newly identified bugs will not be implemented by the vendor. The lack of support can result in potential vulnerabilities. Software and systems at unsupported servicing levels or releases will not receive security updates for new vulnerabilities, which leaves them subject to exploitation. When maintenance updates and patches are no longer available, software is no longer considered supported and should be upgraded or decommissioned.

Check Content

Verify that the web server is a version supported by the vendor.

If the web server is not a version supported by the vendor, this is a finding.

Fix Text

Install or upgrade the webserver to a version supported by the vendor.