Skip to content

Audit#

Run the following command to verify apache2 is not installed:

dpkg-query -s apache2 &>/dev/null && echo "apache2 is installed"#

Nothing should be returned.

Run the following command to verify **nginx** is not installed:
# dpkg-query -s nginx &>/dev/null && echo "nginx is installed"
Nothing should be returned.

- OR - - IF - the package is installed and is required for dependencies: Run the following command to verify apache2.socket, apache2.service and nginx.service are not enabled: 

# systemctl is-enabled apache2.socket apache2.service nginx.service 2>/dev/null | grep 'enabled'
Nothing should be returned.

Run the following command to verify apache2.socket, apache2.service and nginx.service are not active: 

# systemctl is-active apache2.socket apache2.service nginx.service 2>/dev/null | grep '^active'
Nothing should be returned.

Note: If the package is required for a dependency - Other web server packages may exist. They should also be audited, if not required and authorized by local site policy - If the package is required for a dependency: - Ensure the dependent package is approved by local site policy - Ensure stopping and masking the service and/or socket meets local site policy

Remediation#

Run the following commands to stop httpd.socket, httpd.service, and nginx.service, and remove apache2 and nginx packages: 

# systemctl stop apache2.socket apache2.service nginx.service
# apt purge apache2 nginx

- OR - - IF - the bind9 package is installed and is required for dependencies: Run the following commands to stop and mask apache2.socket, apache2.service and nginx.service: 

# systemctl stop apache2.socket apache2.service nginx.service
# systemctl mask apache2.socket apache2.service nginx.service

Note: Other web server packages may exist. If not required and authorized by local site policy, they should also be removed. If the package is required for a dependency, the service and socket should be stopped and masked.