Skip to content

Latest commit

 

History

History
executable file
·
37 lines (15 loc) · 608 Bytes

default-installation-files.md

File metadata and controls

executable file
·
37 lines (15 loc) · 608 Bytes

Default installation files on xxx.xxx.xxx.xxx

Hi,

One of your server xxx.xxx.xxx.xxx serves default Apache files.

PoC

https://xxx.xxx.xxx.xxx/ {}

Risk

While this does not represent a real security issue, it's always a good practice to remove default installation files. Certain files could reveal important informations about your system and could be used by a malicious user for a future attack.

Remediation

Disable or remove default installation files on production servers.

See also

http://projects.webappsec.org/w/page/13246922/Directory%20Indexing

Best regards,

Gwen