summaryrefslogtreecommitdiff
path: root/doc/user/application_security/dast/checks/548.1.md
diff options
context:
space:
mode:
Diffstat (limited to 'doc/user/application_security/dast/checks/548.1.md')
-rw-r--r--doc/user/application_security/dast/checks/548.1.md8
1 files changed, 4 insertions, 4 deletions
diff --git a/doc/user/application_security/dast/checks/548.1.md b/doc/user/application_security/dast/checks/548.1.md
index 94f747739c5..d6371c5491d 100644
--- a/doc/user/application_security/dast/checks/548.1.md
+++ b/doc/user/application_security/dast/checks/548.1.md
@@ -8,8 +8,8 @@ info: To determine the technical writer assigned to the Stage/Group associated w
## Description
-The target web server is configured to list the contents of directories that do not contain an index file
-such as `index.html`. This could lead to accidental exposure of sensitive information, or give an attacker
+The target web server is configured to list the contents of directories that do not contain an index file
+such as `index.html`. This could lead to accidental exposure of sensitive information, or give an attacker
details on how filenames and directories are structured and stored.
## Remediation
@@ -17,11 +17,11 @@ details on how filenames and directories are structured and stored.
Directory indexing should be disabled.
Apache:
-For Apache based web sites, ensure all `<Directory>` definitions have `Options -Indexes` configured in the
+For Apache based web sites, ensure all `<Directory>` definitions have `Options -Indexes` configured in the
`apache2.conf` or `httpd.conf` configuration file.
NGINX:
-For NGINX based websites, ensure all `location` definitions have the `autoindex off` directive set in the
+For NGINX based websites, ensure all `location` definitions have the `autoindex off` directive set in the
`nginx.conf` file.
IIS: