Microsoft IIS Server service.cnf file found
Description
Microsoft Internet Information Services (IIS) may expose a configuration file named service.cnf in the web root directory. This file can contain sensitive server configuration details, internal paths, service settings, and potentially authentication information that should not be publicly accessible. Attackers can retrieve this file through standard HTTP requests, gaining reconnaissance information about the server infrastructure.
Remediation
Remove the service.cnf file from all publicly accessible web directories if it is not required for application functionality. If the file must remain on the server, implement access restrictions using one of the following methods:
1. Delete the file if not needed:
   - Navigate to the web root directory (typically C:\inetpub\wwwroot\)
   - Locate and delete service.cnf
2. Restrict access using IIS Request Filtering:
   - Open IIS Manager
   - Select the website or application
   - Double-click "Request Filtering"
   - Go to the "Hidden Segments" tab
   - Add "service.cnf" to the hidden segments list
3. Use web.config to deny access:
<configuration>
  <system.webServer>
    <security>
      <requestFiltering>
        <hiddenSegments>
          <add segment="service.cnf" />
        </hiddenSegments>
      </requestFiltering>
    </security>
  </system.webServer>
</configuration>

After implementing restrictions, verify that the file is no longer accessible by attempting to access it through a web browser.
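The locate and verify steps can also be scripted. The following is an added example, not part of the original advisory: the base URL http://localhost and the function name Get-ServiceCnfExposure are assumptions, and it assumes the folder maps directly to the site root with no virtual directories.

```powershell
# Added example (not from the original advisory). Assumed values; adjust for your server.
$WebRoot = 'C:\inetpub\wwwroot'   # typical web root named in the remediation steps
$BaseUrl = 'http://localhost'     # assumption: the site answers on localhost, port 80

function Get-ServiceCnfExposure {
    param(
        [Parameter(Mandatory)][string]$WebRoot,
        [Parameter(Mandatory)][string]$BaseUrl
    )

    $root = (Resolve-Path -LiteralPath $WebRoot).Path.TrimEnd('\')

    # Search the whole tree, including hidden files, not only the top-level folder.
    Get-ChildItem -LiteralPath $root -Filter 'service.cnf' -Recurse -File -Force -ErrorAction SilentlyContinue |
        ForEach-Object {
            # Map the on-disk path to the URL a client would request.
            $relative = $_.FullName.Substring($root.Length).Replace('\', '/')
            $url      = $BaseUrl.TrimEnd('/') + $relative

            try {
                $response = Invoke-WebRequest -Uri $url -UseBasicParsing -TimeoutSec 10
                $status   = [int]$response.StatusCode
            } catch {
                # Non-2xx answers throw; read the status from the exception.
                # Status 0 means no HTTP response at all (site down, wrong URL).
                $r      = $_.Exception.Response
                $status = if ($r) { [int]$r.StatusCode } else { 0 }
            }

            [pscustomobject]@{
                File    = $_.FullName
                Url     = $url
                Status  = $status
                # A 2xx answer means the file is still being served.
                # A hidden segment makes IIS reject the request with a 404.
                Exposed = ($status -ge 200 -and $status -lt 300)
            }
        }
}

# Run before and after applying the restriction and compare the results.
Get-ServiceCnfExposure -WebRoot $WebRoot -BaseUrl $BaseUrl | Format-Table -AutoSize
```

No output means no service.cnf file was found under the folder; a row with Status 0 is inconclusive and should be rechecked against the correct site URL.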