Apache Mixed Platform AddType Directive Information Disclosure
Posted on 2014-11-25
Hi have have the below issue showing up on my security scan. it says I need to Ensure that the document root is not located on a Windows SMB share. How would I do this? It's hosted on a ubuntu 12 box
The remote host appears to be running Apache. When Apache runs on a Unix host with a document root on a Windows SMB share, remote, unauthenticated attackers could obtain the unprocessed contents of the directory. For example, requesting a PHP file with a trailing backslash could display the file's source instead of executing it.
Ensure that the document root is not located on a Windows SMB share.