Backup files

Backup files

Published on 2004-03-27. Updated on 2009-10-27.

Description:
A possible backup file has been found on your webserver. These files are usually created by developers to backup their work.

Impact:
Backup files can contain script sources, configuration files or other sensitive information that may help an malicious user to prepare more advanced attacks.

Recommendation:
Remove the file(s) if they are not required on your website. As an additional step, it is recommended to implement a security policy within your organization to disallow creation of backup files in directories accessible from the web.

Tags: File checks

Alert Tags: information_disclosure
ApplicableApplicationServer : All
ApplicableOS: All
ApplicableWebServer: All

References:

Security Focus : Ten Steps to a Cleaner Web Root

Security Tips for Server Configuration

Protecting Confidential Documents at Your Site

Go Back

• Product Information
• Download
• Product Tour
• Brochure (PDF)
• Pricing
• Testimonials
• Customer references
• Resell Acunetix
• Acunetix in the Press
• List of vulnerability checks

• Learn more
• SQL Injection
• Cross site scripting
• Web Security
• Directory Traversal
• Ajax Application Security
• Google Hacking