Bad Url Access scan

What It Checks

This scanner checks if there are files using bad extensions that are accessible in the uploads folder. The uploads folder should only contain files like images, pdf, or zip archives. Other files should not be accessible by their URL.

Why It Matters

The uploads folder should only contain files like images, pdf, or zip archives. Other files should not be accessible by their URL. Files with dangerous extensions like PHP, JavaScript, or executable files can be used by attackers to compromise your site.

What You'll See

Good Status:

• No files with dangerous extensions are accessible.
• Rules preventing access to files with dangerous extensions have been added to your .htaccess file.

Bad Status:

• Files with dangerous extensions should not be accessible.

Warning:

• Unable to determine if files with dangerous extensions are accessible. But you can activate the Bad File Extensions protection from the Sensitive Data module.

How to Fix

Activate the Bad File Extensions protection from the Sensitive Data module. This will prevent access to files with dangerous extensions in your uploads folder, keeping your site safe from malicious file uploads.

Bad File Extensions