View Single Post
Old 23rd April 2013, 22:58
Fluotonic Fluotonic is offline
Junior Member
Join Date: Jan 2013
Posts: 27
Thanks: 4
Thanked 0 Times in 0 Posts
Default /mail folder publicly accessible!!!

Hi guys,

I just noticed a serious problem in my server config: when I type in the following address to access my website, I get access to the full directory and can download all php files!

The address looks like this (fake domain)

If I go in the parent directory, I land in the ISPConfig admin interface, which is OK.

I have an SSL certificate in place and it works perfectly for my domain otherwise.

Please help me, I'm a bit stressed with this leak I just discovered. I might have made a mistake in my config...

Reply With Quote
Sponsored Links