WebDAV directory listing

  • The WebDAV PROPFIND Method retrieves properties for a resource identified by the request Uniform Resource Identifier (URI). If Directory Browsing is enabled, a list of all resources and their properties under this directory is returned in the response. Using this method is possible to obtain a recursive directory listing of all the files&folders from this URI. This may help an attacker to learn more about his target.
  • Disable or remove WebDAV if you don't need it on this server. Otherwise, restrict Directory Browsing permissions to select URIs.