Free DISA STIG and SRG Library | Vaulted
  1. Security Guide Library
  2. IIS6 Site
  3. V-13711

V-13711

The Enable rapid-fail protection monitor must be enabled.

Finding ID
WA000-WI6034 IIS6
Rule ID
SV-38044r2_rule
Severity
Cat II
CCE
(None)
Group Title
WA000-WI6034
CCI
(None)
Target Key
(None)
Documentable
No
Discussion

A worker process handles all application execution, including authentication and authorization, as well as, ISAPI filter and extension loading. This executable process is called W3WP.exe. When acting as the worker process manager, the www service is responsible for controlling the lifetime of all worker processes that are processing requests. The management console allows it to configure options, such as when to start or recycle a worker process, how many requests to serve before recycling, and what to do if the worker becomes blocked or unable to continue processing requests.

Fix Text

1. Open the IIS Manager > Right click on the desired Application Pool > Select Properties > Select the Health tab. 2. Ensure the Enable rapid-fail protection monitor is enabled and the value is set to 5 or less.

Check Content

1. Open the IIS Manager > Right click on the Application Pool that corresponded to the website being reviewed > Select Properties > Select the Health tab. 2. Ensure the Enable rapid-fail protection monitor is enabled and the value is set to 5 or less. If the value is not set properly, this is a finding. NOTE: This vulnerability can be documented locally by the ISSM/ISSO if the site has operational reasons for an increased value. If the ISSM/ISSO has approved this change in writing, this should be marked as not a finding.

Responsibility

Web Administrator

IA Controls

ECSC-1

Vaulted is more than a library.

SIGN UP FOR FREE