Directory Listing (Apache)
Severity:
Information
Summary
Invicti identified a Directory Listing (Apache).
The web server responded with a list of files located in the target directory.
Impact
An attacker can see the files located in the directory and could potentially access files which disclose sensitive information.
Remediation
Required Skills for Successful Exploitation
Actions To Take
- Change your server configuration file. A recommended configuration for the requested directory should be in the following format:<Directory /{YOUR DIRECTORY}>
Options FollowSymLinks
</Directory>
Remove the Indexes option from configuration. Do not forget to remove MultiViews as well. - Configure the web server to disallow directory listing requests.
- Ensure that the latest security patches have been applied to the web server and the current stable version of the software is in use.
Vulnerability Index
You can search and find all vulnerabilities
Select Category
Select Vulnerability
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Featured resources
Build your resistance to threats. And save hundreds of hours each month.
