mirror of
https://github.com/projectdiscovery/nuclei-templates.git
synced 2026-02-10 12:43:29 +08:00
33 lines
961 B
YAML
33 lines
961 B
YAML
id: file-disable-directory-listing
|
|
|
|
info:
|
|
name: Disable Apache2 Directory Listing
|
|
author: pussycat0x
|
|
severity: medium
|
|
description: |
|
|
Directory listing should be disabled to prevent unauthorized users from browsing server directories.
|
|
remediation: |
|
|
Add 'Options -Indexes' in the Apache configuration file or .htaccess file.
|
|
reference:
|
|
- https://httpd.apache.org/docs/2.4/mod/core.html#options
|
|
metadata:
|
|
verified: true
|
|
tags: audit,config,file,apache,hardening
|
|
|
|
file:
|
|
- extensions:
|
|
- conf
|
|
|
|
matchers-condition: and
|
|
matchers:
|
|
- type: word
|
|
words:
|
|
- "<Directory"
|
|
- "<FilesMatch"
|
|
condition: and
|
|
|
|
- type: word
|
|
words:
|
|
- "Options Indexes"
|
|
negative: true
|
|
# digest: 4b0a00483046022100f3a0ad6c0011cad86d6c5bbcf4f760c8549ea3f15e76c9ecea439817c3d1547f022100916db4313d7dba5b213350d4157b3b68f6db04f808f59271c57c8ae09531f18a:922c64590222798bb761d5b6d8e72950 |