This article is a part of our Web Security Knowledge Base (back to index)
Why Directory Browsing - Apache 2 can be dangerous
It is possible to view a listing of directory contents, which may lead to a serious data leakage, such as data structures, hidden scripts and files. Sensitive data and server configuration can be accessed by the attacker and used to perform further attacks.
How to fix Directory Browsing - Apache 2
Disable directory browsing and indexing for your server configuration.
If directory browsing is required, make sure the listed files do not induce risk.
How does ScanRepeat report Directory Browsing - Apache 2
ScanRepeat looks for any possibility to get to the directory listings. It reports every occurrence of such a vulnerability and provides the URL of the issue along with the evidence of the directory contents read.
Would you like to test your application now against this problem? Sign up for our free trial
Scan Your Web App Now