Runbook

Unauthorized Directory Access in Apache HTTPD.

Back to Runbooks

Back to Runbooks

Overview

This incident type refers to an unauthorized access to directories in Apache HTTPD, which is a widely used web server software. It means that someone was able to access files or directories that they were not supposed to, without having proper authorization. This type of incident can potentially lead to sensitive data being exposed or even stolen, and can compromise the security of the server and the applications running on it.

Parameters

Debug

Check Apache httpd server status

Check Apache httpd server logs

Check Apache httpd server configuration

Check Apache httpd server virtual hosts configuration

Check Apache httpd server document root directory permissions

Check Apache httpd server directory index file permissions

Check Apache httpd server directory listing configuration

Check Apache httpd server .htaccess file configuration

Repair

Review and update the Apache HTTPD configuration files to ensure that all directories are properly secured and access is restricted to authorized users only. Use the "deny from all" directive to block access to unauthorized users.

Learn more

Related Runbooks

Check out these related runbooks to help you debug and resolve similar issues.

Virtual Host Mismatches on Apache Server.

Virtual Host Mismatches on Apache Server.

Apache-Server

Slowloris Attack Detected on Apache server.

Slowloris Attack Detected on Apache server.

Apache-Server

Apache SQL Injection Attempts in URI Incident

Apache SQL Injection Attempts in URI Incident

Apache-Server

Inadequate SSL/TLS Configuration for Apache HTTP Server.

Inadequate SSL/TLS Configuration for Apache HTTP Server.

Apache-Server