Localize: Apache2 /icons/ folder accessible

ID H1:7923
Type hackerone
Reporter melvin
Modified 2014-05-18T03:34:06


The Apache2 icons folder is accessible from http://www.localize.io/icons/. This is not by definition dangerous, but removing the directory can help obfuscate the server version you're running, which may prevent targeted attacks against your web server.

To remove the directory you should look for Alias "icons" [...] somewhere in the Apache2 config files and comment out the line.