Aleks
asked on
Web server reveals absolute path
I have a Windows 2012R2 server. I ran a PCI scan and the only vulnerability I found was " The Web server can be triggered to reveal the absolute path for the Web root directory and/or other software installed on the host"
The application we host requires parent paths to be enabled in IIS. I am not sure if this is causing the issue and if it is then what needs to be done with the application in order to be able to disable parent paths.
How can I resolve this issue?
The application we host requires parent paths to be enabled in IIS. I am not sure if this is causing the issue and if it is then what needs to be done with the application in order to be able to disable parent paths.
How can I resolve this issue?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thx! We have a lot of include files. Will take some time to fix.
what tool are you using to get that message?