{"description": "Use only secure encrypted logons and connections for uploading files to the web\nsite.", "rationale": "Logging in to a web server via an unencrypted protocol or service, to upload\ndocuments to the web site, is a risk if proper encryption is not utilized to\nprotect the data being transmitted. An encrypted protocol or service must be\nused for remote access to web administration tasks.", "severity": "high", "references": {}, "control_references": {}, "components": [], "identifiers": {}, "ocil_clause": "it is not", "ocil": "Determine if there is a process for the uploading of files to the web site.\nThis process should include the requirement for the use of a secure encrypted\nlogon and secure encrypted connection. If the remote users are uploading files\nwithout utilizing approved encryption methods, this is a finding.", "oval_external_content": null, "fixtext": "", "checktext": "", "vuldiscussion": "", "srg_requirement": "", "warnings": [], "conflicts": [], "requires": [], "policy_specific_content": {}, "platform": null, "platforms": [], "sce_metadata": {}, "inherited_platforms": [], "cpe_platform_names": [], "inherited_cpe_platform_names": [], "bash_conditional": null, "fixes": {}, "title": "Encrypt All File Uploads", "definition_location": "/aptdata/openscap/scap-security-guide/linux_os/guide/services/http/securing_httpd/httpd_secure_content/httpd_encrypt_file_uploads/rule.yml", "template": null}