Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

Shocked to see that DIRECTORY INDEXING is ON for all hosted accounts!

Discussion in 'Security' started by jols, Dec 7, 2011.

  1. jols

    jols Well-Known Member

    Joined:
    Mar 13, 2004
    Messages:
    1,111
    Likes Received:
    3
    Trophy Points:
    168
    I believe this did not used to be the case, but now anyone can view the file contents in very nearly every account we host if there is no index file (e.g. index.html, index.htm, etc.) within that directory. This is a security hazzard to say the least.

    I know, that the account owner can access their cPanel and switch off indexing there, but this should be OFF by default? No?

    Okay, so in cPanel ---> Index Manager, we have the top option "Default System Setting" So where is the default system setting? I can not find any controls for this in WHM.
     
  2. quietFinn

    quietFinn Well-Known Member

    Joined:
    Feb 4, 2006
    Messages:
    998
    Likes Received:
    11
    Trophy Points:
    168
    Location:
    Finland
    cPanel Access Level:
    Root Administrator
    Assuming you have root WHM you go to:
    Service Configuration-> Apache Configuration-> Global Configuration-> Directory “/” Options
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. jols

    jols Well-Known Member

    Joined:
    Mar 13, 2004
    Messages:
    1,111
    Likes Received:
    3
    Trophy Points:
    168
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice