{"description": "The <tt>status</tt> module provides real-time access to statistics on the internal operation of\nthe web server. This may constitute an unnecessary information leak and should be disabled\nunless necessary. To do so, comment out the related module:\n<pre>#LoadModule status_module modules/mod_status.so</pre>\nIf there is a critical need for this module, ensure that access to the status\npage is properly restricted to a limited set of hosts in the status handler\nconfiguration.", "rationale": "Minimizing the number of loadable modules available to the web server reduces risk\nby limiting the capabilities allowed by the web server.", "severity": "unknown", "references": {}, "control_references": {}, "components": [], "identifiers": {}, "ocil_clause": null, "ocil": null, "oval_external_content": null, "fixtext": "", "checktext": "", "vuldiscussion": "", "srg_requirement": "", "warnings": [], "conflicts": [], "requires": [], "policy_specific_content": {}, "platform": null, "platforms": [], "sce_metadata": {}, "inherited_platforms": [], "cpe_platform_names": [], "inherited_cpe_platform_names": [], "bash_conditional": null, "fixes": {}, "title": "Disable Server Activity Status", "definition_location": "/aptdata/openscap/scap-security-guide/linux_os/guide/services/http/securing_httpd/httpd_minimize_loadable_modules/httpd_core_modules/httpd_server_activity_status/rule.yml", "template": null}