Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add code to control SV-218827 #1

Open
wants to merge 4 commits into
base: main
Choose a base branch
from
Open

Conversation

georgedias
Copy link
Collaborator

Add code block to satisfy this requirements:

  desc 'check', 'Access the IIS 10.0 Web Server.
Open IIS Manager.
Click the IIS 10.0 web server name.
Open on Configuration Editor under Management.
For the Section, navigate to system.applicationHost/sites.
Expand siteDefaults and HSTS.
If enabled is not set to True, this is a finding.
If includeSubDomains is not set to True, this is a finding.
If max-age is not set to a value greater than 0, this is a finding.
If redirectHttpToHttps is not True, this is a finding.

If the website is behind a load balancer or proxy server, and HSTS enablement is handled there, this is Not Applicable.

If the version of Windows Server does not natively support HSTS, this is not a finding.'

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant