When an HTTP client (generally a web browser) requests a URL that points to a directory structure instead of an actual web page within the directory, the web server will generally serve a default page, which is often referred to as a main or 'index' page. A common filename for such a page is index.html, but most modern HTTP servers offer a configurable list of filenames that the server can. Social and cultural phenomena specific to the Internet include Internet memes, such as popular themes, catchphrases, images, viral videos, and jokes. When such fads and sensations occur online, they tend to grow rapidly and become more widespread because the instant communication facilitates word of mouth transmission. Social and cultural phenomena specific to the Internet include Internet memes, such as popular themes, catchphrases, images, viral videos, and jokes. When such fads and sensations. If your password is on this list of 10,000 most common passwords, you need a new password. A hacker can use or generate files like this, which may readily be compiled from breaches of sites such as Ashley Madison. Usually passwords are not tried one-by-one against a system's secure server online; instead a hacker might manage to gain access to.
When an HTTP client (generally a web browser) requests a URL that points to a directory structure instead of an actual web page within the directory, the web server will generally serve a default page, which is often referred to as a main or 'index' page.
Shauna Maynard 4chan Video
A common filename for such a page is index.html
, but most modern HTTP servers offer a configurable list of filenames that the server can use as an index. If a server is configured to support server-side scripting, the list will usually include entries allowing dynamic content to be used as the index page (e.g. index.php
, index.shtml
, index.jsp
, default.asp
) even though it may be more appropriate to still specify the HTML output (index.html.php
or index.html.aspx
), as this should not be taken for granted. An example is the popular open source web server Apache, where the list of filenames is controlled by the DirectoryIndex
[1] directive in the main server configuration file or in the configuration file for that directory. It is possible to make do without file extensions at all, and be neutral to content delivery methods, and set the server to automatically pick the best file through content negotiation.
If the server is unable to find a file with any of the names listed in its configuration, it may either return an error (generally 404 Not Found) or generate its own index page listing the files in the directory. It may also return a 403 Index Listing Forbidden. Usually this option is also configurable.
History[edit]
A scheme where web server serves a default file on per-subdirectory basis has been supported as early as NCSA HTTPd 0.3beta (22 April 1993),[2] which defaults to serve index.html
file in the directory.[2][3] This scheme has been then adopted by CERN HTTPd since at least 2.17beta (5 April 1994), which its default supports Welcome.html
and welcome.html
in addition to the NCSA-originated index.html
.[4]
Later web servers typically support this default file scheme in one form or another; this is usually configurable, with index.html
being one of the default file names.[5][6][7]
Shauna Maynard 4chan Youtube
Implementation[edit]
In some cases, the home page of a website can be a menu of language options for large sites that use geo targeting. It is also possible to avoid this step, for example by using content negotiation.
In cases where no index.html
exists within a given directory, the web server may be configured to provide an automatically-generated listing of the files within the directory instead. With the Apache web server, for example, this behavior is provided by the mod_autoindex module[8] and controlled by the Options +Indexes
directive[9] in the web server configuration files. These automated directory listings are sometimes a security risk because they enumerate sensitive files which may not be intended for public access, in a process known as a directory indexing attack.[10] Such a security misconfiguration[11] may also assist in other attacks, such as a path or directory traversal attack.[12]
References[edit]
- ^'mod_dir - Apache HTTP Server'. httpd.apache.org. Retrieved 2014-05-30.
- ^ ab'WWW-Talk Apr-Jun 1993: NCSA httpd version 0.3'. 1997.webhistory.org.
- ^'NCSA HTTPd DirectoryIndex'. January 31, 2009. Archived from the original on January 31, 2009.
- ^'Change History of W3C httpd'. June 5, 1997. Archived from the original on June 5, 1997.
- ^'mod_dir - Apache HTTP Server Version 2.4 § DirectoryIndex Directive'. httpd.apache.org. Archived from the original on 2020-11-12. Retrieved 2021-01-13.
- ^'NGINX Docs | Serving Static Content'. docs.nginx.com. Archived from the original on 2020-11-11. Retrieved 2021-01-13.
- ^'Default Document <defaultDocument> | Microsoft Docs'. docs.microsoft.com. Archived from the original on 2020-12-08. Retrieved 2021-01-13.
- ^'mod_autoindex - Apache HTTP Server Version 2.4'. httpd.apache.org. Retrieved 2021-01-13.
- ^'core - Apache HTTP Server Version 2.4 § Options Directive'. httpd.apache.org. Retrieved 2021-01-13.
- ^'IBM Docs'. IBM. 2021-03-08. Retrieved 2021-05-07.
- ^'A6:2017-Security Misconfiguration'. OWASP. Retrieved 2021-05-07.
- ^'Path Traversal'. OWASP. Retrieved 2021-05-07.