Date Published: February 5, 2025
web.config accessible to the public (Windows Vulnerability Detected)
Issue¶
I got a notice that there is a Windows vulnerability with my application hosted on Acquia Cloud due to a publicly available web.config file.
Resolution¶
Update your .htaccess to a more recent version. You can see more information relevant to this on Drupal.org: https://www.drupal.org/project/drupal/issues/2974213
Cause¶
The reason that this becomes an issue is due to most likely an outdated .htaccess file. Please note that Acquia Cloud does not use Windows services so these warnings made known by security scans/teams are application level that developers can resolve.
Did not find what you were looking for?
If this content did not answer your questions, try searching or contacting our support team for further assistance.