Guide to server misconfiguration

The term "server misconfiguration" is rather broad, but for now we'll stick to the basics. In this instance, server misconfiguration refers to an administrator not having removed software version information from what the server sends back. These versions can sometimes be found in the response headers or on default error pages, although further information can be found elsewhere.

Here is an example server response. Perhaps you're able to see where the version number is leaked.

GET: HTTP/1.1 200 OK
Date: Fri, 26 Aug 2022 14:25:49 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/4.6.25
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Length: 5988
Connection: close
Content-Type: text/html; charset=UTF-8

As you can see from the example above, when the server responds with the requested page it is also sending some information about the software it's using. In this instance, it's Apache/2.2.15. Additionally, it's even leaking the operating system it's running on top of, CentOS, a Linux-based operating system.

Along with the web server version, you may have also noticed that the PHP version is being leaked in the X-Powered-By: PHP/4.6.25 header. Similar to the previous example, this can be somewhat harmless, but it could also inform a malicious user of which exploits and attacks may have some success. For example, it's somewhat common knowledge that versions of PHP less than 5.3.4 are susceptible to null bytes. This is getting a little off-topic, but a null byte can be used as a string terminator, which means it can be used in vulnerabilities such as local file inclusion.
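A check for this kind of leak, as an added example that is not part of the original guide: it parses the header section of a raw HTTP response and reports banner headers that disclose a product version or platform. The function name, the header list and both sample responses are assumptions constructed for illustration.

```python
import re

# Headers that commonly carry software banners (assumed, non-exhaustive list).
BANNER_HEADERS = {"server", "x-powered-by", "x-aspnet-version", "x-generator"}
PRODUCT_VERSION = re.compile(r"([A-Za-z][\w.+-]*)/(\d+(?:\.\d+)*)")  # Apache/2.2.15
BARE_VERSION = re.compile(r"^\d+(?:\.\d+)+$")                        # 4.0.30319
PLATFORM = re.compile(r"\(([^)]+)\)")                                # (CentOS)

# Constructed sample modelled on the response shown above.
SAMPLE_LEAKY = (
    "HTTP/1.1 200 OK\r\n"
    "Date: Fri, 26 Aug 2022 14:25:49 GMT\r\n"
    "Server: Apache/2.2.15 (CentOS)\r\n"
    "X-Powered-By: PHP/4.6.25\r\n"
    "Content-Type: text/html; charset=UTF-8\r\n"
    "\r\n"
    "<html>Server: Fake/9.9 in the body is ignored</html>"
)
# Constructed sample of the same response after banners are reduced.
SAMPLE_HARDENED = (
    "HTTP/1.1 200 OK\r\n"
    "Server: Apache\r\n"
    "Content-Type: text/html; charset=UTF-8\r\n"
    "\r\n"
)


def find_version_leaks(raw_response):
    """Return one finding per banner header that discloses software details."""
    head = raw_response.replace("\r\n", "\n").split("\n\n", 1)[0]
    findings = []
    for line in head.split("\n")[1:]:  # skip the status line
        name, sep, value = line.partition(":")
        name, value = name.strip(), value.strip()
        if not sep or name.lower() not in BANNER_HEADERS:
            continue
        products = [{"product": p, "version": v}
                    for p, v in PRODUCT_VERSION.findall(value)]
        if not products and BARE_VERSION.match(value):
            products = [{"product": name, "version": value}]
        platforms = PLATFORM.findall(value)
        if products or platforms:
            findings.append({"header": name, "products": products,
                             "platforms": platforms})
    return findings


if __name__ == "__main__":
    for finding in find_version_leaks(SAMPLE_LEAKY):
        print(finding)
```

Running the same function against a response captured after a configuration change gives a quick regression check: an empty list means none of the listed headers still carries a version or platform string.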

Correcting server misconfiguration

The steps needed to secure a website depend on the web server it is running on, and there are a number of high-profile web servers running on the web today. Here's a list of some of the most popular web servers.

- Apache - https://httpd.apache.org
- Nginx - https://www.nginx.com
- Lighttpd - https://www.lighttpd.net
- Microsoft IIS - https://www.iis.net

For help with configuration and preventing information leakage, we'd strongly recommend referring to the official documentation for the selected web server. This will help ensure you're receiving the most up-to-date information available.
