Description
During the scan, Kayran managed to find the “.htaccess File Readable” Vulnerability.
That means that there is a folder that contains a “.htaccess” file which can be read. These file are analyzed by a web based server and should not be readable to all since the file contains sensitive information that can assist an attacker in performing malicious actions.
If an attacker, or any other user can access this file, that means that possible sensitive information can be seen by them. That will help them in carrying out attacks on your Web Assets.
Recommendation
Remove these files from production related systems. You can also restrict access to files of this type by customizing the web server configuration accordingly.
References
https://kayran.io/blog/blog/information-disclosure-self-revealing-our-secrets/
