All websites built by serv00 have security issues, please help!

luku

All built websites have Directory Traversal, for example, the website directory: /domains/public_html/test/. If there are other directory files in /test/, by accessing https://domains.serv00.net/test, you can access and view all the files in /test/. I tried to change open_basedir through the link: https://docs.serv00.com/WWW/#php, but the changes are all default. How can I fix this vulnerability? This is too unsafe!

admin

No, this is not a security flaw but a commonly used functionality. You can disable directory indexing as indicated on the help page https://docs.serv00.com/htaccess/#disable-directory-index. Also, open_basedir in PHP is not meant for the purpose you intend to use it for.

luku

admin Thanks