Mostly you observe this directory listing in many websites :
Ex: www.demo.com/
like traversing direcotries trying www.demo.com/images/
there is a possibilty that an attacker tries to look for hidden directories and there is possibility
of finding possible web confg files too.
to disable this
In Apache:
---------------
goto file called httpd.conf
and search for:
Options Indexes FollowSymLinks
now just add ' - ' before indexes like :
Options -Indexes FollowSymLinks
In IIS 7:
----------
Open IIS manager and go to the level or navigate to manage.
then in "Feature view" . Double-click " Directory browsing "
In " Actions " pane click Disable if directory browsing is enabled.
Ex: www.demo.com/
like traversing direcotries trying www.demo.com/images/
there is a possibilty that an attacker tries to look for hidden directories and there is possibility
of finding possible web confg files too.
to disable this
In Apache:
---------------
goto file called httpd.conf
and search for:
Options Indexes FollowSymLinks
now just add ' - ' before indexes like :
Options -Indexes FollowSymLinks
In IIS 7:
----------
Open IIS manager and go to the level or navigate to manage.
then in "Feature view" . Double-click " Directory browsing "
In " Actions " pane click Disable if directory browsing is enabled.
2 comments:
Nice post keeps on posting this type of interesting and informative articles.
free masters samples
Pretty interesting post. Thanks for taking the time to share your view with us.
writemy-essay.net/contact-us
Post a Comment