If directory browsing is enabled by default for this site, a hacker can easily access all the files inside private by merely typing in the browser. Let’s say you have a site with the following domain name – and you create a folder named private. How would he be able to do that? So here is a scenario. Thich would aid an attacker in hatching an attack on your WordPress blog. Why is disabling directory browsing important?Ī web server that is configured to display all the contents of your website would lead to an information disclosure issue. ![]() If you don’t disable it, then it would be like serving your site to the hackers, on a platter! 2. You do need to make sure that directory browsing in WordPress website has been disabled. Most web servers are configured to not display the contents of your directory (or directory listing as it is often referred to). This means all the files and folders inside the directory are on display! However, in the absence of an index file, the web server displays the entire contents of the directory that was requested by the browser. ![]() Typically, the index file (“index.html” or “index.php”) is the first file the web server serves up when a browser sends a request. ![]() Directory browsing enabled on our website.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |