Where are items like /webmail and /phpmyadmin defined for each website?

Discussion in 'ISPConfig 3 Priority Support' started by webguyz, Oct 27, 2022.

  1. webguyz

    webguyz Active Member HowtoForge Supporter

    Had a customer trying to get PCI compliance and they failed him because he had a browsable folder, but the folder is not in his web site.

    the entry was https://proaudiodesignforum.com/manual/images/

    It shows the Apache Manual and images. I tried putting that /manual/images on another website and the same thing happened. Think there is an alias setup but not sure where to start looking. Can someone point me in the right direction?

    Thanks!
     
  2. Th0m

    Th0m ISPConfig Developer Staff Member ISPConfig Developer

    Code:
    grep -R "manual" /etc/apache2/conf-enabled
    Showed me that this alias comes from "apache2-doc".

    Run
    Code:
    a2disconf apache2-doc
    to disable that config.
     
    webguyz likes this.
  3. nhybgtvfr

    nhybgtvfr Well-Known Member HowtoForge Supporter

    PCI compliance tests also appear to check specifically for /phpmyadmin and will fail it if it finds it.
    i went through all this before for a client who was trying to get their site tested. no matter what i did with security for phpmyadmin, just its existence there using /phpmyadmin was enough to fail the pci compliance tests.
    just changing the global alias from /phpmyadmin to /dbadmin and the pci tests suddenly had no problem with the existence of phpmyadmin on the server.
     
  4. webguyz

    webguyz Active Member HowtoForge Supporter

    Is the global alias in the ISPConfig ->Interface -> main Config?
    Changed it there to /dbadmin and rebooted my master but it still goes to /phpmyadmin
     
  5. nhybgtvfr

    nhybgtvfr Well-Known Member HowtoForge Supporter

    if you're using multiple servers, set it to : https://[SERVERNAME]/dbadmin
    and change (or add) the alias in /etc/apache2/conf-enabled/phpmyadmin.conf :
    Code:
    Alias /dbadmin /usr/share/phpmyadmin
    
    on each server where phpmyadmin is used.

    i'd add it and leave the /phpmyadmin alias in there. the setting in main config is for the link buttons in the control panel interface.
    this way, everyone who's saved the login page as a bookmark can still get it.
    but leaving the /phpmyadmin alias in the conf, you'll need to add to the apache directives (or .htaccess) of the site being pci compliance tested to block requests that include /phpmyadmin.
    a bit of a pain, but probably still easier than trying to explain to every other customer how and why the url has changed.
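
Added example, not part of the thread or of ISPConfig: the grep lookup from the replies above, generalised into a listing of every Alias-type directive in a config directory, so each URL path Apache serves on all sites can be checked before a compliance scan. The function names and the sample config files are constructed for illustration.

```shell
#!/bin/sh
# Added example: enumerate server-wide Alias directives in Apache config.

# Print "file<TAB>directive<TAB>url-path<TAB>target" for every Alias,
# ScriptAlias, AliasMatch or ScriptAliasMatch line in DIR/*.conf.
list_global_aliases() {
    dir="${1:-/etc/apache2/conf-enabled}"
    # -L follows the symlinks that a2enconf places in conf-enabled.
    find -L "$dir" -type f -name '*.conf' | sort | while IFS= read -r f; do
        # Directive names are case-insensitive; the anchored match also
        # skips commented-out lines, whose first field starts with "#".
        awk -v file="$(basename "$f")" '
            tolower($1) ~ /^(script)?alias(match)?$/ && NF >= 3 {
                printf "%s\t%s\t%s\t%s\n", file, $1, $2, $3
            }' "$f"
    done
}

# Succeed if URL path $1 is aliased somewhere in DIR ($2, optional).
alias_defined() {
    list_global_aliases "$2" |
        awk -F '\t' -v p="$1" '$3 == p { found = 1 } END { exit !found }'
}

# Constructed sample config (not copied from a real server).
make_sample_conf() {
    d=$(mktemp -d)
    printf '%s\n' 'Alias /manual /usr/share/doc/apache2-doc/manual/' \
        > "$d/apache2-doc.conf"
    printf '%s\n' '# Alias /old /tmp/old' \
                  'Alias /phpmyadmin /usr/share/phpmyadmin' \
                  '    alias /dbadmin /usr/share/phpmyadmin' \
        > "$d/phpmyadmin.conf"
    echo "$d"
}

sample=$(make_sample_conf)
list_global_aliases "$sample"
alias_defined /manual "$sample" && echo "/manual is served on every vhost"
rm -rf "$sample"
```

Run without an argument, list_global_aliases reads /etc/apache2/conf-enabled; alias_defined compares the URL path exactly, so /manual and /manual/ count as different entries.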
     
  6. webguyz

    webguyz Active Member HowtoForge Supporter

    So glad I decided to go with ISPConfig years ago and support like this confirms it.
    Thanks guys for the help.
     
  7. concept21

    concept21 Active Member

    should change to some random strings.
     
