Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

PCI Compliance: Indexable and Discovered Directories

Discussion in 'General Discussion' started by rpertiet, May 27, 2008.

  1. rpertiet

    rpertiet Member

    Joined:
    Apr 21, 2007
    Messages:
    14
    Likes Received:
    0
    Trophy Points:
    151
    During PCI compliance scanning the following directories were discovered and / or indexable. How can I fix this (remove, block, or whatever)?

    /usr/local/cpanel/img-sys/
    /usr/local/cpanel/java-sys/
    /usr/local/apache/icons/
    /usr/local/apache/manual/
    /usr/local/apache/manual/images/

    Thanks!
     
  2. DaveUsedToWorkHere

    DaveUsedToWorkHere Well-Known Member

    Joined:
    Dec 28, 2001
    Messages:
    689
    Likes Received:
    1
    Trophy Points:
    318
    That means that you have directives like this in /usr/local/apache/conf/httpd.conf:

    Code:
    <Directory "/usr/local/apache/htdocs">
        Options Includes Indexes FollowSymLinks
        AllowOverride None
        Order allow,deny
        Allow from all
    </Directory>
    
    To prevent indexing, change Indexes to -Indexes. Alternatively, you could remove the directive(s) if you do not wish for those directories to be web accessible. Then run
    Code:
    /usr/local/apache/bin/apachectl configtest
    to ensure you did not break the configuration file. If it says OK then run
    Code:
    /usr/local/cpanel/bin/apache_conf_distiller
    to save the changes and finally run
    Code:
    /usr/local/apache/bin/apachectl graceful
    to restart Apache.
     
  3. rpertiet

    rpertiet Member

    Joined:
    Apr 21, 2007
    Messages:
    14
    Likes Received:
    0
    Trophy Points:
    151
    Great, thanks!
     
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice