Documentation files
Description
Documentation files such as README.txt, CHANGELOG.txt, INSTALL.txt, or similar files have been discovered on the web server. These files are typically intended for developers and often contain information about the application name, version number, directory structure, configuration details, or known issues. When left accessible in production environments, they provide attackers with valuable reconnaissance information that can be used to identify the specific software and version in use, enabling targeted exploitation of known vulnerabilities.
Remediation
Remove all documentation files from production web servers. Follow these steps to remediate this vulnerability:
1. Identify and remove documentation files: Delete files such as README, CHANGELOG, INSTALL, TODO, HISTORY, LICENSE, and any other development-related documentation from publicly accessible directories.
2. Configure web server to deny access: If files cannot be removed, configure your web server to block access to these file types.
For Apache (.htaccess or httpd.conf):
<FilesMatch "^(readme|changelog|install|todo|history|license|contributing).*\.txt$">
Require all denied
</FilesMatch>For Nginx (nginx.conf):
location ~* ^.+\.(readme|changelog|install|todo|history|license|contributing).*\.txt$ {
deny all;
return 404;
}For IIS (web.config):
3. Implement secure deployment practices: Establish a deployment process that excludes documentation files from production builds. Use .gitignore or similar mechanisms to prevent these files from being deployed.
4. Verify remediation: After implementing changes, verify that documentation files are no longer accessible by attempting to access them directly through a web browser or using automated scanning tools.