Rule ID
SV-218777r961863_rule
Version
V2R15
CCIs
Rapid fail protection is a feature that interrogates the health of worker processes associated with websites and web applications. It can be configured to perform a number of actions such as shutting down and restarting worker processes that have reached failure thresholds. By not setting rapid fail protection, the web server could become unstable in the event of a worker process crash potentially leaving the web server unusable.
Note: If the IIS Application Pool is hosting Microsoft SharePoint, this is Not Applicable. If this IIS 10.0 installation is supporting Microsoft Exchange, and not otherwise hosting any content, this requirement is Not Applicable. Open the IIS 10.0 Manager. Click "Application Pools". Perform the following for each Application Pool: Highlight an Application Pool to review and click "Advanced Settings" in the "Actions" pane. Scroll down to the "Rapid Fail Protection" section and verify the value for "Enabled" is set to "True". If the "Rapid Fail Protection:Enabled" is not set to "True", this is a finding.
Open the IIS 10.0 Manager. Click "Application Pools". Perform the following for each Application Pool: Highlight an Application Pool to review and click "Advanced Settings" in the "Actions" pane. Scroll down to the "Rapid Fail Protection" section and set the value for "Enabled" to "True". Click "OK".