.htaccess File Detected
Summary#
Invicti detected an exposed .htaccess file.
Impact#
.htaccess files are configuration files for the Apache web server that can be used to override certain server configuration options on a per-directory basis using a human readable file.
If their contents are exposed, attackers can gain valuable insight into your server configuration and may read sensitive data can aid them in further attacks.
Remediation#
- Make sure that .htaccess files are not readable when you directly access them via your web browser.
- If possible try to apply the configuration options within the virtual host configuration file and deactivate the possibility of using .htaccess files.
- This will not only enhance performance
- Additionally it is more secure and helps to avoid situations where an attacker can upload their own .htaccess file to the server.
External References#
Classifications#
Further Reading#
Vulnerability Index
You can search and find all vulnerabilities
Select Category
OR
Search Vulnerability
Tags
Related Vulnerabilities
