Scanner aliases site reveals popular paths are configured as alias,
what it means and what you should pay attention:
The first tool allows the administrator to pay attention \ webmaster of this site to a possible vulnerability example: after the installation site in the root directory was / install it, though not irrelevant to the nicknames, but nevertheless a vulnerability that an administrator can benefit without problems this defect notice.
Imagine that in the standard assembly WEB-server registered alias to access phpmyadmin which will be available for any kind of link: * / phpmyadmin , at all sites running on the server, where in the site root directory phpmyadmin course does not exist, and provide access to it all in a row there is no need.
Such alias can simply not notice, especially if the server configuration is spread across multiple files, better yet again to check the entire configuration independently, but will help insure our crawler popular aliases that attackers strive to use for their own selfish purposes.
Scan alias (Alias) website:
admin/
install/
update/
phpmyadmin/
security/
webalizer/
contrib/
forbidden/
restricted/
icons/
webdav/
htaccess/
server-status/
server-info/
manual/
error/
logs/
log/
webpath/
php/
Enter the ip address or hostname of the test HTTP/1.1 200 OK:
Total was defined aliases:3030
Example configuration alias server APACHE: To Hem server directory lies not in the root directory and elsewhere on the disk is necessary.
Take advantage of opportunities created Apache alias:
... Alias / test / "C :/ musor / test_www /" Indexes MultiViews options AllowOverride None Order allow, deny Allow from All ... Now with the server will be called http://localhost/test/ not embedded test directory in the root directory of the server and the alias is placed in a place specified in the command to create an alias Alias / test / "C :/ musor / test_www /"