Source Code Disclosure
Description
The application is exposing server-side source code to users, allowing unauthorized access to files that should only be processed on the server. This occurs when the web server serves source code files (such as .asp, .php, .jsp, include files, or configuration files) as plain text instead of executing them, typically because a handler is not mapped for the extension or because a backup copy (config.php.bak, index.asp.old) carries an extension the server treats as static content. Disclosed source frequently contains database credentials, API keys, and application logic that simplifies further attacks. The detection uses pattern matching to identify server-side code tags (for example <?php or <% ... %>) in HTTP responses, which may occasionally produce false positives, such as client-side template markup that reuses the same delimiters.
Remediation
Take the following steps to remediate this vulnerability:
1. Identify and remove exposed files: Delete any source code files, backup files (.bak, .old, .tmp), or configuration files from publicly accessible directories.
2. Configure web server properly: Ensure your web server is configured to execute (not display) server-side scripts. Verify that file handlers are correctly mapped for all script extensions.
3. Restrict directory access: Configure the web server to deny access to sensitive file types:
Apache (.htaccess):
<FilesMatch "\.(bak|config|sql|inc|old|tmp)$">
Require all denied
</FilesMatch>
Nginx:
location ~* \.(bak|config|sql|inc|old|tmp)$ {
deny all;
}
Note that the Apache block only takes effect from .htaccess if AllowOverride permits it; placing it in the main server configuration avoids that dependency. Nginx's deny all answers with 403, which still confirms that the file exists; use return 404; instead if you do not want to reveal that.
4. Move sensitive files outside web root: Store configuration files, include files, and libraries outside the publicly accessible web directory.
5. Implement access controls: Set appropriate file permissions to prevent unauthorized access (e.g., 640 or 600 for sensitive files).
6. Review deployment process: Ensure your deployment pipeline excludes development files, backups, and source control directories (.git, .svn) from production environments.
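The following is an added example, not part of the original finding text, showing how the detection described above and the deployment check in step 6 can be automated. It generates the backup-file URLs a scanner probes for a given script, classifies a response body as unexecuted server-side source (scrubbing <script> blocks first so EJS-style client-side templates that reuse <% %> are not reported, the false positive mentioned above), and walks a web root for files the pipeline should have excluded. The suffix and name lists, the sample responses, and the sample directory tree are all constructed for the example.

```python
"""Source-code disclosure checks: probe URLs, response classification, web-root scan."""
import re
import tempfile
from pathlib import Path
from typing import List, Optional
from urllib.parse import urlsplit, urlunsplit

# Suffixes editors, deploy scripts and admins leave next to live scripts (assumed list).
BACKUP_SUFFIXES = (".bak", ".old", ".tmp", ".orig", ".save", "~")
# Extensions that hold code or secrets and must never be fetchable verbatim (assumed list).
SENSITIVE_EXTENSIONS = {".bak", ".old", ".tmp", ".orig", ".save", ".swp", ".sql", ".config", ".inc"}
# File or directory names that belong to development, not production (assumed list).
SENSITIVE_NAMES = {".git", ".svn", ".hg", ".env", ".htpasswd"}

# `<\?php` rather than `<\?`, so XML prologs (<?xml ...?>) do not match.
_PHP_TAG = re.compile(r"<\?php\b|<\?=")
# ASP classic / JSP / ASP.NET: require a closing %> so a stray "<%" in text is not enough.
_ASP_JSP_TAG = re.compile(r"<%[=@!]?[\s\S]*?%>")
# Client-side template engines (EJS, Underscore) use <% %> inside <script> blocks.
_SCRIPT_BLOCK = re.compile(r"<script\b[^>]*>.*?</script>", re.I | re.S)


def backup_candidates(url: str) -> List[str]:
    """URLs a scanner requests to find leftover copies of the script at `url`.

    https://host/app/config.php -> config.php.bak, config.php.old, ..., config.php~
    and the Vim swap file .config.php.swp in the same directory.
    """
    parts = urlsplit(url)
    directory, _, name = parts.path.rpartition("/")
    if not name:
        raise ValueError("URL must point at a file, not a directory")
    names = [name + suffix for suffix in BACKUP_SUFFIXES] + [f".{name}.swp"]
    return [urlunsplit(parts._replace(path=f"{directory}/{n}", query="", fragment=""))
            for n in names]


def looks_like_source_disclosure(content_type: str, body: str) -> Optional[str]:
    """Return 'php' or 'asp/jsp' if `body` contains unexecuted server-side tags, else None.

    text/plain bodies are the classic .bak case; text/html bodies are checked too
    because a missing handler emits the raw file with the default HTML type, and
    browsers silently hide <?php ...?> and <% ... %> when rendering the page.
    """
    scan = body
    if content_type.split(";")[0].strip().lower() == "text/html":
        scan = _SCRIPT_BLOCK.sub("", body)  # drop client-side templates (false positive)
    if _PHP_TAG.search(scan):
        return "php"
    if _ASP_JSP_TAG.search(scan):
        return "asp/jsp"
    return None


def find_exposed_files(web_root: Path) -> List[str]:
    """List paths under `web_root` (relative, POSIX style) that should not be deployed:
    backup and swap files, SQL dumps, include/config files, VCS and secret files."""
    hits = []
    for path in web_root.rglob("*"):
        rel = path.relative_to(web_root)
        if any(part in SENSITIVE_NAMES for part in rel.parts):
            if path.name in SENSITIVE_NAMES:  # report .git itself, not every file beneath it
                hits.append(rel.as_posix())
            continue
        if path.is_file() and (path.suffix.lower() in SENSITIVE_EXTENSIONS
                               or path.name.endswith("~")):
            hits.append(rel.as_posix())
    return sorted(hits)


def demo_scan() -> List[str]:
    """Build a constructed web root with typical leftovers and return what the scan flags."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / ".git").mkdir()
        (root / "db").mkdir()
        (root / "includes").mkdir()
        for rel in ("index.php", "config.php.bak", ".git/HEAD", ".index.php.swp",
                    "db/dump.sql", "includes/db.inc", "notes.txt~"):
            (root / rel).write_text("sample\n")
        return find_exposed_files(root)


if __name__ == "__main__":
    # Constructed responses: a served .bak copy and a normal page with an EJS template.
    samples = [
        ("text/plain", "<?php\n$db_pass = 'hunter2';\n"),
        ("text/html", "<html><script type='text/template'><% print(name) %></script></html>"),
    ]
    for ctype, body in samples:
        print(ctype, "->", looks_like_source_disclosure(ctype, body))
    print(backup_candidates("https://example.com/app/config.php"))
    print(demo_scan())
```

Run the scan against the real document root before each release, and feed backup_candidates into whatever HTTP client the pipeline already uses against a staging host; any candidate that returns 200 with a body flagged by looks_like_source_disclosure is a finding, while a 403 from the deny rules above still indicates the file was deployed and should be removed.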