Profile Applicability:
• Level 1
Description:
Web server services such as Apache or Nginx serve web content over the network. If the system is not intended to host web services, these should be disabled to reduce exposure to network attacks and minimize the system’s attack surface.
Rationale:
Disabling unused web server services limits potential entry points for attackers and helps maintain a minimal service footprint for better security.
Impact:
Pros:
• Reduces risk of exploitation through web server vulnerabilities.
• Minimizes unnecessary network services.
Cons:
• Disabling web servers on systems that require them will disrupt web services.
Default Value:
Web server services may be enabled or running by default on some systems.
Pre-requisites:
Root or sudo privileges to manage system services.
Remediation:
Test Plan:
Using Linux command line:
1. Check if web server services are enabled:
   systemctl is-enabled httpd
   systemctl is-enabled nginx
2. Check if web server services are running:
   systemctl status httpd
   systemctl status nginx
Implementation Plan:
Using Linux command line:
1. Disable web server services:
   systemctl disable httpd
   systemctl disable nginx
2. Stop running web server services:
   systemctl stop httpd
   systemctl stop nginx
3. Verify services are disabled and stopped:
   systemctl is-enabled httpd
   systemctl is-enabled nginx
   systemctl status httpd
   systemctl status nginx
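A scripted form of the verification step above, as an added example that is not part of the benchmark text. It uses `systemctl is-active` in place of `systemctl status` because it prints a single state word; the function names and the `--audit` flag are hypothetical, and treating every enablement state other than disabled, masked or not installed as a failure is an assumption of this example.

```bash
#!/usr/bin/env bash
# Added example: audit httpd and nginx (unit names from the page).
# Function names and the --audit flag are hypothetical.

# classify_unit ENABLED_STATE ACTIVE_STATE -> prints PASS or FAIL.
# Assumption: only disabled, masked or absent units pass; any other
# enablement state (enabled, static, linked, ...) is reported as FAIL.
classify_unit() {
    case "$2" in
        active|activating|reloading) echo FAIL; return 0 ;;
    esac
    case "$1" in
        disabled|masked|not-found|"") echo PASS ;;
        *) echo FAIL ;;
    esac
}

# audit_unit UNIT -> prints one result line, returns 0 only on PASS.
audit_unit() {
    unit="$1"
    # is-enabled and is-active exit non-zero for disabled/inactive units,
    # and older systemd prints nothing on stdout for a missing unit,
    # so the exit status is ignored and an empty state means "not installed".
    enabled=$(systemctl is-enabled "$unit" 2>/dev/null || true)
    active=$(systemctl is-active "$unit" 2>/dev/null || true)
    verdict=$(classify_unit "$enabled" "$active")
    printf '%s: %s (enabled=%s active=%s)\n' \
        "$unit" "$verdict" "${enabled:-none}" "${active:-none}"
    [ "$verdict" = PASS ]
}

# audit_web_services -> returns 1 if either unit fails the check.
audit_web_services() {
    rc=0
    for svc in httpd nginx; do
        audit_unit "$svc" || rc=1
    done
    return "$rc"
}

# Run the audit only when asked, so the file can also be sourced.
if [ "${1:-}" = "--audit" ]; then
    audit_web_services
    exit "$?"
fi
```

Run it with `--audit` as root or via sudo; a non-zero exit status means at least one of the two units is still enabled or running.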
Backout Plan:
Using Linux command line:
1. Enable and start web server services if required:
   systemctl enable httpd
   systemctl start httpd
   systemctl enable nginx
   systemctl start nginx
2. Verify service status.
References:
CIS Amazon Linux 2 Benchmark v3.0.0
Systemd Service Management