Nitko2 web server assessment
I decided to run a vulnerability scan on my fully patch Cent0S 5.2 rubyninja.net Apache web server using Nitko and learned quite a bit on the vulnerabilities found. 1st vulnerability found: My webalizer statistics were being displayed without any restriction. Fix: Enable .htaccess password protection and limited to permit local IP access. 2nd vulnerability found: […]