.htaccess Information Leak

Risk:
Medium

Type:
Active

CWE:
CWE-94

Summary: htaccess files can be used to alter the configuration of the Apache Web Server software to enable/disable additional functionality and features that the Apache Web Server software has to offer.

Solution: Ensure the .htaccess file is not accessible.

References

https://developer.mozilla.org/en-US/docs/Learn/Server-side/Apache_Configuration_htaccess

https://httpd.apache.org/docs/2.4/howto/htaccess.html