This article is a part of our Web Security Knowledge Base (back to index)

Why Directory Browsing - Apache 2 can be dangerous

It is possible to view a listing of directory contents, which may lead to a serious data leakage, such as data structures, hidden scripts and files. Sensitive data and server configuration can be accessed by the attacker and used to perform further attacks.

How to fix Directory Browsing - Apache 2

Disable directory browsing and indexing for your server configuration.

If directory browsing is required, make sure the listed files do not induce risk.

How does ScanRepeat report Directory Browsing - Apache 2

ScanRepeat looks for any possibility to get to the directory listings. It reports every occurrence of such a vulnerability and provides the URL of the issue along with the evidence of the directory contents read.

Would you like to test your application now against this problem? Sign up for our free trial

Scan Your Web App Now
Scan your application
for 14 days for free

No credit card is required. No commitment.

Sign Up Free