{"description": "All accessible web directories should be configured with similarly restrictive settings.\nThe <tt>Options</tt> directive should be limited to necessary functionality and the <tt>AllowOverride</tt>\ndirective should be used only if needed. The <tt>Order</tt> and <tt>Deny</tt> access control tags\nshould be used to deny access by default, allowing access only where necessary.", "rationale": "Directories accessible from a web client should be configured with the least amount of\naccess possible in order to avoid unauthorized access to restricted content or server information.", "severity": "unknown", "references": {}, "control_references": {}, "components": [], "identifiers": {}, "ocil_clause": null, "ocil": null, "oval_external_content": null, "fixtext": "", "checktext": "", "vuldiscussion": "", "srg_requirement": "", "warnings": [], "conflicts": [], "requires": [], "policy_specific_content": {}, "platform": null, "platforms": [], "sce_metadata": {}, "inherited_platforms": [], "cpe_platform_names": [], "inherited_cpe_platform_names": [], "bash_conditional": null, "fixes": {}, "title": "Restrict Other Critical Directories", "definition_location": "/aptdata/openscap/scap-security-guide/linux_os/guide/services/http/securing_httpd/httpd_directory_restrictions/httpd_restrict_critical_directories/rule.yml", "template": null}