How to prohibit storage of archived directories on webroot?

  • 19 March 2021
  • 2 replies

Hello All-

We have encountered a vulnerability "Web Server Misconfiguration: Unprotected File." This may affect our deployments and exposure of files. How can we prohibit the storage of archived directories on webroot? Is there any way to fix this vulnerability?

Thanks in advance!

2 replies

Thanks for the question. I think to give you an accurate answer, I’d need a bit more information.

Can you tell me where this message came from? Was it from the Webroot agent directly, or from a different utility?

Also, how is this impacting your deployments, and are you talking specifically about deploying Webroot, or a different piece of software.

Any additional information you can provide would give me a much better idea of what you’re looking at.

Hello. Thanks for mentioning. Apologies for the confusions.

WebInspect has detected an archive file with extension .zip on the target server. This may contain sensitive artifacts such as source codes. The suggested way is to prohibit the storing of sensitive data on the webroot. So I’m wondering if there is a way to protect the files and to not save it to the webroot?