Re: Directories Being Probed Even When Index Listing Denied

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On 03/21/2011 03:28 AM, aaronrus@xxxxxxxxxxx wrote:
If a PHP Shell can be uploaded. http://phpshell.sourceforge.net/ Then any thing www-data can do so can the shell user, As stated in my post about virtual hosts seeing each others document roots.

If you post the root password on your website, then anybody can bring the machine down.
It's not very useful to do so, however.


----- Original Message -----
From: "ASAI" <asai@xxxxxxxxxxxxxxxxxxxxx>
To: users@xxxxxxxxxxxxxxxx
Sent: Saturday, March 19, 2011 6:09:51 PM
Subject: Directories Being Probed Even When Index Listing Denied

Greetings,

I am hosting a domain with no website which is a gateway for several
applications. ÂDirectory indexes are turned off, however I noticed in
the logs today that one the directories which has no reference to the
outside world was probed. ÂIs it possible that one can get the directory
listing of a host even when index listing is turned off through some
other agency?

How do I guard against things like this?

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
ÂÂ " Â from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx



-- 
J.
[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux