| Details | |
|---|---|
| Alert ID | 40032 |
| Alert Type | Active |
| Status | release |
| Risk | Medium |
| CWE | 94 |
| WASC | 14 |
| Technologies Targeted |
WS / Apache |
| Tags |
OWASP_2017_A06 OWASP_2021_A05 POLICY_PENTEST POLICY_QA_FULL WSTG-V42-CONF-05 |
| More Info |
Scan Rule Help |
Summary
htaccess files can be used to alter the configuration of the Apache Web Server software to enable/disable additional functionality and features that the Apache Web Server software has to offer.
Solution
Ensure the .htaccess file is not accessible.Other Info
References
- https://developer.mozilla.org/en-US/docs/Learn_web_development/Extensions/Server-side/Apache_Configuration_htaccess
- https://httpd.apache.org/docs/2.4/howto/htaccess.html