VCLD-67-000004 - VAMI must be configured to monitor remote access.


Remote access can be exploited by an attacker to compromise the server. By recording all remote access activities, it will be possible to determine the attacker's location, intent, and degree of success.

VAMI uses the 'mod_accesslog' module to log information relating to remote requests. These logs can then be piped to external monitoring systems.

Satisfies: SRG-APP-000016-WSR-000005


Navigate to and open /opt/vmware/etc/lighttpd/lighttpd.conf.

Add the following value in the 'server.modules' section:


The result should be similar to the following:

server.modules = (
# 7

Supportive Information

The following resource is also helpful.

This security hardening control applies to the following category of controls within NIST 800-53: Access Control, Audit and Accountability.This control applies to the following type of system Unix.