The Shutdown worker processes Idle Timeout monitor must be enabled.


Overview

Finding ID: V-13708
Version: WA000-WI6028 IIS6
Rule ID: SV-38125r1_rule
IA Controls: ECSC-1
Severity: Medium
Description
A worker process handles all application execution, including authentication and authorization, as well as ISAPI filter and extension loading. This executable process is called W3WP.exe. When acting as the worker process manager, the WWW service is responsible for controlling the lifetime of all worker processes that are processing requests. The management console allows configuring options such as when to start or recycle a worker process, how many requests to serve before recycling, and what to do if the worker becomes blocked or unable to continue processing requests.
STIG: IIS6 Site
Date: 2014-12-10

Details

Check Text ( C-37403r2_chk )
1. Open the IIS Manager > Right click on the Application Pool that corresponds to the website being reviewed > Select Properties > Select the Performance tab.
2. Ensure the Shutdown worker process idle timeout monitor is enabled and the value is set to 20 or less.

If the value is not set properly, this is a finding.

NOTE: This vulnerability can be documented locally by the IAM/IAO if the site has operational reasons for an increased value. If the IAM/IAO has approved this change in writing, this should be marked as not a finding.
Fix Text (F-32639r1_fix)
1. Open the IIS Manager > Right click on the desired Application Pool > Select Properties > Select the Performance tab.
2. Ensure the Shutdown worker process idle timeout monitor is enabled and the value is set to 20 or less.
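
The check above can also be run against a copy of the IIS 6 metabase file instead of clicking through each pool. The following PowerShell is an added example, not part of the STIG. It assumes the Performance tab setting is stored as the IdleTimeout metabase property (in minutes, with 0 meaning the monitor is disabled) and that pools without their own value inherit it from the AppPools container. The XML excerpt and pool names are constructed, and the function name is hypothetical.

```powershell
# Constructed MetaBase.xml excerpt for illustration; pool names are made up.
# On an IIS 6 server the real file is %windir%\system32\inetsrv\MetaBase.xml.
$sample = @'
<configuration xmlns="urn:microsoft-catalog:XML_Metabase_V64_0">
  <MBProperty>
    <IIsApplicationPools Location="/LM/W3SVC/AppPools" IdleTimeout="20" />
    <IIsApplicationPool Location="/LM/W3SVC/AppPools/DefaultAppPool" />
    <IIsApplicationPool Location="/LM/W3SVC/AppPools/IntranetPool" IdleTimeout="0" />
    <IIsApplicationPool Location="/LM/W3SVC/AppPools/ReportsPool" IdleTimeout="60" />
  </MBProperty>
</configuration>
'@

function Get-IdleTimeoutFinding {
    param([string]$MetabaseXml, [int]$MaxMinutes = 20)
    $doc = [xml]$MetabaseXml
    # local-name() matches the elements without binding the metabase namespace.
    $container = $doc.SelectSingleNode("//*[local-name()='IIsApplicationPools']")
    $inherited = $null
    if ($container -and $container.HasAttribute('IdleTimeout')) {
        $inherited = $container.GetAttribute('IdleTimeout')
    }
    foreach ($pool in $doc.SelectNodes("//*[local-name()='IIsApplicationPool']")) {
        # A value on the pool itself overrides the one set on the container.
        $raw = $inherited; $source = 'inherited'
        if ($pool.HasAttribute('IdleTimeout')) {
            $raw = $pool.GetAttribute('IdleTimeout'); $source = 'explicit'
        }
        if ($null -eq $raw) { $status = 'Review: value not present in file'; $source = 'none' }
        elseif ([int]$raw -eq 0) { $status = 'Finding: idle timeout monitor disabled' }
        elseif ([int]$raw -gt $MaxMinutes) { $status = "Finding: value above $MaxMinutes" }
        else { $status = 'Not a finding' }
        [pscustomobject]@{
            Pool        = ($pool.GetAttribute('Location') -split '/')[-1]
            IdleTimeout = $raw
            Source      = $source
            Status      = $status
        }
    }
}

Get-IdleTimeoutFinding -MetabaseXml $sample | Format-Table -AutoSize
```

With the constructed sample, DefaultAppPool passes on the inherited value while IntranetPool and ReportsPool are reported. A pool flagged for a value above 20 is still subject to the written IAM/IAO exception described in the check text.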