Online Apache Server Status Disclosure Scanner
It is possible to obtain an overview of the remote Apache web server's activity and performance by requesting the URL '/server-status'.
Short Info
Level
Medium
Single Scan
Single Scan
Can be used by
Everyone
Estimated Time
5 sec
Scan only one
Url
Toolbox
-
The Apache webserver module mod_status provides information on an Apache server's activity and performance. The module uses a publicly accessible webpage located at /server-status to provide real-time traffic logs in addition to host information including CPU usage, current HTTP requests, client IP addresses, requested paths, and processed virtual hosts. Such information could give a potential attacker information to aid further attacks and could disclose sensitive traffic information. No authentication is required to exploit this information disclosure vulnerability.
![cyber security services for everyone one. Free security tools, continuous vulnerability scanning and many more.](/_next/image?url=%2Fassets%2Fimages%2Fhome%2Fshield-256.png&w=640&q=75)
control security posture