Monday, June 6, 2011

Security Tip: Inserting index.html in every folder

Building a website is simpler than most people imagine. It's a bunch of folders with files. One way to increase your website's security is to include an index.html in every folder that is accessible to the visitor. Here's why.

index.html is a default document that is automatically loaded when someone visits the webpage. If it's not loaded, the visitor has access to view ALL the files in your directory. Some files are not meant to be seen by the visitor because they can give away information that may compromise your security.

Let's use www.example.com/folder/photo.html as an example. If the photo.html part of the URL is deleted (www.example.com/folder), the visitor now has access to see all your files in that directory/folder. To avoid this vulnerability, put an index.html in every folder inside your website.

CodeIgniter is a PHP framework which follows this concept.
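One way to check a site for folders that are missing the file, as an added example that is not part of the original post: the script walks a local copy of the web root, reports every folder with no default document, and writes a placeholder index.html into each. The function names, the list of default-document names and the sample folder tree are assumptions made for illustration.

```python
import os
import tempfile

# Assumed default-document names; match them to your server's configuration.
INDEX_NAMES = ("index.html", "index.htm", "index.php")
PLACEHOLDER = ("<!DOCTYPE html>\n<html><head><title>Forbidden</title></head>\n"
               "<body><p>Directory access is forbidden.</p></body></html>\n")

def find_listable_dirs(web_root, index_names=INDEX_NAMES):
    """Return web-root-relative paths of folders that have no default document."""
    missing = []
    for dirpath, dirnames, filenames in os.walk(web_root):
        # Skip hidden folders such as .git; they should not be published at all.
        dirnames[:] = [d for d in dirnames if not d.startswith(".")]
        if not any(name in filenames for name in index_names):
            missing.append(os.path.relpath(dirpath, web_root))
    return sorted(missing)

def add_placeholders(web_root, index_names=INDEX_NAMES):
    """Write a placeholder index.html into each folder that lacks one."""
    fixed = find_listable_dirs(web_root, index_names)
    for rel in fixed:
        target = os.path.join(web_root, rel, "index.html")
        # Mode "x" refuses to overwrite a file that appeared in the meantime.
        with open(target, "x", encoding="utf-8") as fh:
            fh.write(PLACEHOLDER)
    return fixed

def build_sample_site():
    """Constructed sample tree: only the site root and folder/css have an index."""
    root = tempfile.mkdtemp(prefix="site_")
    for rel in ("folder/css", "folder/uploads", "backup"):
        os.makedirs(os.path.join(root, *rel.split("/")))
    for rel in ("index.html", "folder/photo.html",
                "folder/css/index.html", "backup/db.sql"):
        with open(os.path.join(root, *rel.split("/")), "w", encoding="utf-8") as fh:
            fh.write("sample\n")
    return root

if __name__ == "__main__":
    site = build_sample_site()
    print("no index before:", find_listable_dirs(site))
    add_placeholders(site)
    print("no index after: ", find_listable_dirs(site))
```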

Check out the site example below
Now delete /edit/ to see what page it leads you to
