min read

Directory Browsing

It is possible to view a listing of the directory contents.

Summary

It is possible to view a listing of the directory contents. Directory listings may reveal hidden scripts, include files, backup source files, etc., which be accessed to reveal sensitive information.

Solution

Configure the webserver to disable directory browsing.

References

https://www.zaproxy.org/docs/alerts/10033/
https://owasp.org/www-project-top-ten/2017/A6_2017-Security_Misconfiguration.html
https://owasp.org/Top10/A05_2021-Security_Misconfiguration/
https://cwe.mitre.org/data/definitions/548.html

Secure Your Startup. Today.

We make your startup secure and compliant by implementing and managing the security controls your customers require.

Get Started

Latest Articles

View All Articles

Navigating GDPR Compliance on AWS

How to secure your AWS environment in compliance with the GDPR?

Mitigations

min read

Plan Your Security Roadmap

Check out how other startups become secure and compliant.

Mitigations

min read

Server Leaks Information via 'X-Powered-By' HTTP Response Header Field(s)

The web/application server is leaking information via one or more “X-Powered-By” HTTP response headers.

Vulnerabilities

min read