[How To] Website Security/Optimize Peformance [Important]
-------
Exploit #1 (WebDav) ------- How do I know if this could apply to me? Your website and/or website is hosted on your computer, vps, or dedicated server. To host your server you're using any of the following web servers; XAMPP, WAMPP. You have apache running on your computer, vps, or dedicated server. How do I check if this applies to me? Go to the start menu on your computer, find "Computer". Right click and press "Map Network Drive". For the folder location, enter "http://yourwebsiteorip.com/webdav/". If it connects, and shows a login screen, you're vulnerable to this. Go to "http://yourwebsiteorip.com/webdav/" in your web browser. If a webdav test page pops up, you're vulnerable to this unless you already did the guide to fix it (suggested you do the top test to be sure). How do I fix this? Go into the XAMPP folder located in C:\XAMPP\. Go into apache > conf > extra > httpd-dav.conf (open that file). Find the following line: Code: <Directory "C:/xampp/webdav"> Dav On Order Allow,Deny Allow from all Replace it with the following line: Code: <Directory "C:/xampp/webdav"> Dav Off Order Deny,Allow Deny from all Once you've saved the changes, restart your web server and you're set to go. |
All times are GMT. The time now is 01:59 PM. |
Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2024, vBulletin Solutions, Inc.
vB.Sponsors