Online Apache Server Status Disclosure Scanner
It is possible to obtain an overview of the remote Apache web server's activity and performance by requesting the URL '/server-status'.
Short Info
Level
Medium
Type
Single Scan
Can be used by
Everyone
Estimated Time
5 sec
Scan only one
Url
Parent Category
Online Apache Server Status Disclosure Scanner Detail
The Apache webserver module mod_status provides information on an Apache server's activity and performance. The module uses a publicly accessible webpage located at /server-status to provide real-time traffic logs in addition to host information including CPU usage, current HTTP requests, client IP addresses, requested paths, and processed virtual hosts. Such information could give a potential attacker information to aid further attacks and could disclose sensitive traffic information. No authentication is required to exploit this information disclosure vulnerability.
control security posture