
V-214320

CAT II (Medium)

The Apache web server must not be a proxy server.

Rule ID

SV-214320r1051286_rule

STIG

Apache Server 2.4 Windows Server Security Technical Implementation Guide

Version

V3R4

CCIs

CCI-000381

Discussion

A web server should be primarily a web server or a proxy server but not both, for the same reasons that other multiuse servers are not recommended. Scanning for web servers that will also proxy requests into an otherwise protected network is a very common attack, and the proxying makes the attack anonymous.

Check Content

If the server has been approved to be a proxy server, this requirement is Not Applicable.

Open the <'INSTALL PATH'>\conf\httpd.conf file with an editor and search for the following directive:

ProxyRequests

If the ProxyRequests directive is set to "On", this is a finding.
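A scripted version of this check, as an added example that is not part of the STIG text: it ignores commented-out lines, matches the directive and its value case-insensitively, joins backslash line continuations, and lists Include lines whose files need the same review. The sample configuration and the function names are constructed for illustration.

```python
# Constructed sample httpd.conf content (not taken from a real server).
SAMPLE_CONF = r"""
# ProxyRequests On   <- commented out, must be ignored
ServerRoot "C:/Apache24"
proxyrequests off
<VirtualHost *:8080>
    ProxyRequests \
        ON
</VirtualHost>
Include conf/extra/httpd-vhosts.conf
"""

def logical_lines(text):
    """Yield (first_line_no, directive_text), joining '\\' continuations
    and skipping blank lines and '#' comments."""
    buf, start = "", None
    for no, raw in enumerate(text.splitlines(), 1):
        if start is None:
            start = no
        if raw.endswith("\\"):
            buf += raw[:-1] + " "
            continue
        line = (buf + raw).strip()
        if line and not line.startswith("#"):
            yield start, line
        buf, start = "", None

def audit_proxy_requests(text):
    """Return (findings, includes): findings are (line_no, context) for every
    'ProxyRequests On'; includes are (line_no, path) still to be reviewed."""
    findings, includes, context = [], [], []
    for no, line in logical_lines(text):
        if line.startswith("</"):
            if context:
                context.pop()            # leaving a <VirtualHost>-style section
        elif line.startswith("<"):
            context.append(line)         # entering a section
        else:
            parts = line.split()
            name = parts[0].lower()
            value = parts[1].strip('"') if len(parts) > 1 else ""
            if name == "proxyrequests" and value.lower() == "on":
                findings.append((no, context[-1] if context else "server config"))
            elif name in ("include", "includeoptional"):
                includes.append((no, value))
    return findings, includes

if __name__ == "__main__":
    print(audit_proxy_requests(SAMPLE_CONF))
```

The function does not open included files itself, so run it again on each path it reports.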

Fix Text

Open the <'INSTALL PATH'>\conf\httpd.conf file with an editor and search for the following directive:

ProxyRequests

Set the directive to a value of "off".

Restart the Apache service.