I recently ran some penetration testing software on my web site and was surprised for it to report that one of my directory listings was publicly accessible.
It is the directory of the root user which is available.
Results in this page content:
Index of /~root
* Parent Directory
* cgi-bin/
Platform: I am creating PHP websites, with Symfony on Linux with Apache.
Is this something that I can configure through Apache?
You could create a .htaccess
file in that directory, or have a <directory>...</directory>
block in your Apache configuration that specifies:
Options -Indexes
See the Apache options directive documentation for more details.