About Us

The presence of a directory listing does not always imply that it is a security risk. Any sensitive resources in the web root should be access-controlled in any case, and should not be accessible by an unauthorized person who knows or guesses the URL. Even if directory listings are disabled, an attacker can use automated tools to guess the location of sensitive files.