HTTP Directory Listing Vulnerability Definition, Impact and Recommendations

HTTP Directory Listing: the most common security vulnerability encountered during pentest operations that can lead to access to domain admin rights.

What is HTTP Directory Listing?

HTTP Directory Listing occurs when an HTTP client (usually an internet browser) requests the URL of a directory instead of the homepage. It is a feature that web servers use to display directory contents.

The HTTP directory listing vulnerability usually appears on the index.html page. However, modern HTTP servers can be reconfigured quite easily, so this vulnerability can be closed.

What is the Effect of HTTP Directory Listing Vulnerability on the System?

Listing directories in response to a request to the web server poses a risk to the server. On systems with a directory listing vulnerability, sensitive data can be discovered in the listed directories. In addition, the services in use and their version information can be obtained through the directory listing vulnerability. An attacker who obtains this information can gain unauthorized access to the system by using other vulnerabilities in the relevant services.

How to Close the HTTP Directory Listing Gap? - Recommended Solutions

You can turn off the HTTP Directory Listing feature from your server's settings. If you want the directories to be listed but do not want them to be visible to a third party, you can create an index file (an empty file) in these directories for the data you choose. This way, the directories will be listed for web browsers and appear as they should for the end user. (The end user does not see the directories in a listed form, but sees the designed format of the web page.)

If new directories are added and the creation of index files is skipped when the publishing phase starts after the trial or development process, the server may be exposed to serious risks. In addition, keeping the services in use up to date will make things more difficult for attackers who exploit such vulnerabilities.

For Apache Web Server

The Directory Listing vulnerability can be closed by adding the following line to the Apache httpd.conf file in the settings folder.

  • Options -Indexes

For Nginx Web Servers

The Directory Listing feature is turned off by default on nginx web servers. However, if you think that this setting may have been changed by someone else later, you need to change the autoindex on; setting to autoindex off; in the nginx.conf configuration file.
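The Apache and nginx settings above, and the missing index file risk described earlier, can be checked before a site is published. The Python code below is an added example, not code from the original article; the sample configurations, the paths in them and the index file names are constructed assumptions.

```python
import os
import tempfile
# Constructed sample configs (paths are hypothetical, not from the article).
SAMPLE_APACHE = """\
<Directory /var/www/html>
    Options -Indexes +FollowSymLinks
</Directory>
<Directory /var/www/html/uploads>
    Options +Indexes
</Directory>
"""
SAMPLE_NGINX = """\
location /files/ {
    autoindex on;   # listing enabled
}
location /static/ {
    autoindex off;
}
"""

def enables_listing(line):
    """True if a config line turns directory listing on (Apache or nginx)."""
    tokens = line.split("#", 1)[0].strip().rstrip(";").lower().split()
    if not tokens:
        return False
    name, args = tokens[0], tokens[1:]
    if name == "options":      # Apache: Indexes, +Indexes or All enable listing
        return any(a in ("indexes", "+indexes", "all") for a in args)
    if name == "autoindex":    # nginx: only "on" enables listing
        return args[:1] == ["on"]
    return False

def audit_config(text):
    """Return (line_number, line) pairs for directives that enable listing."""
    return [(n, line.strip()) for n, line in enumerate(text.splitlines(), 1)
            if enables_listing(line)]

def dirs_without_index(docroot, index_names=("index.html", "index.htm")):
    """Return directories under docroot with no index file (assumed names)."""
    return sorted(os.path.relpath(path, docroot)
                  for path, _dirs, files in os.walk(docroot)
                  if not set(files) & set(index_names))

if __name__ == "__main__":
    print(audit_config(SAMPLE_APACHE), audit_config(SAMPLE_NGINX))
    with tempfile.TemporaryDirectory() as root:   # constructed document root
        os.makedirs(os.path.join(root, "uploads"))
        open(os.path.join(root, "index.html"), "w").close()
        print(dirs_without_index(root))           # ['uploads']
```

Run audit_config on the contents of your own httpd.conf or nginx.conf and dirs_without_index on the document root; any result from either is a place where a listing could be served.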

Although the HTTP Directory Listing vulnerability itself is not a high or critical level vulnerability, the listed directories can cause sensitive information to be disclosed. For this reason, it is a security vulnerability that needs attention, and action should be taken immediately.

 
