Details
Alert Id 40032
Alert Type Active
Status release
Risk Medium
CWE 94
WASC 14
Tags OWASP_2017_A06
OWASP_2021_A05
WSTG-V42-CONF-05

Summary

htaccess files can be used to alter the configuration of the Apache Web Server software to enable/disable additional functionality and features that the Apache Web Server software has to offer.

Solution

Ensure the .htaccess file is not accessible.

References

Code

org/zaproxy/zap/extension/ascanrules/HtAccessScanRule.java