The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Shocked to see that DIRECTORY INDEXING is ON for all hosted accounts!

Discussion in 'Security' started by jols, Dec 7, 2011.

  1. jols

    jols Well-Known Member

    Joined:
    Mar 13, 2004
    Messages:
    1,111
    Likes Received:
    2
    Trophy Points:
    38
    I believe this did not used to be the case, but now anyone can view the file contents in very nearly every account we host if there is no index file (e.g. index.html, index.htm, etc.) within that directory. This is a security hazzard to say the least.

    I know, that the account owner can access their cPanel and switch off indexing there, but this should be OFF by default? No?

    Okay, so in cPanel ---> Index Manager, we have the top option "Default System Setting" So where is the default system setting? I can not find any controls for this in WHM.
     
  2. quietFinn

    quietFinn Well-Known Member

    Joined:
    Feb 4, 2006
    Messages:
    998
    Likes Received:
    10
    Trophy Points:
    18
    Location:
    Finland
    cPanel Access Level:
    Root Administrator
    Assuming you have root WHM you go to:
    Service Configuration-> Apache Configuration-> Global Configuration-> Directory “/” Options
     
  3. jols

    jols Well-Known Member

    Joined:
    Mar 13, 2004
    Messages:
    1,111
    Likes Received:
    2
    Trophy Points:
    38
Loading...

Share This Page