Configuration File (Rails Database)
- CWE 200
- WASC 15
- CWE 425
- WASC 34
Exposed Configuration Files occur when an application’s configuration files (e.g., config.php, web.config, .env) are publicly accessible without proper access controls. These files often contain sensitive information such as database credentials, API keys, encryption keys, or environment settings. Attackers can leverage this exposure to gain unauthorized access, escalate privileges, or exploit other vulnerabilities. Misconfigured web servers, accidental uploads, or inclusion of development files in production commonly lead to this issue.
Common patterns leading to configuration file exposure:
- Storing configuration files in web-accessible directories.
- Deploying development or backup configuration files to production.
- Misconfigured web server rules allowing direct download of .env, .ini, .json, .yml, or .xml files.
- Lack of proper file permissions or access controls on sensitive files.
Impacts:
- Sensitive Data Exposure: Database credentials, API keys, and other secrets may be leaked.
- Unauthorized Access: Attackers can connect to databases, services, or administrative interfaces.
- Facilitates Further Exploitation: Knowledge from configuration files can aid in SQL Injection, Remote Code Execution, or privilege escalation.
- Compliance Violations: Exposure of sensitive information may breach regulatory requirements such as PCI DSS or GDPR.
Detection indicators:
- HTTP requests retrieving configuration files successfully.
- Security scans flagging publicly accessible configuration files.
- Version control backup files containing configuration data exposed to the web.
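The first detection indicator above (requests that successfully retrieve a configuration file) can be checked directly against web server access logs. The following Ruby script is an added example, not part of the original page: it parses Common Log Format lines, separates successful retrievals (the file was actually served) from denied or missing probes (someone is looking for the file), and counts probing clients. The log lines, IP addresses and paths are constructed for the example; the set of file names matched by CONFIG_FILE_PATTERN is an assumption and should be extended to the stack in use.

```ruby
# Paths that look like configuration files or their backup/editor leftovers.
# .json is deliberately left out: in a Rails app /users.json is usually a
# legitimate API route, so such hits need manual triage, not an automatic alert.
CONFIG_FILE_PATTERN = %r{
  (?:\A|/)
  (?:
    \.env(?:\.[\w.-]+)?
  | \.git/config
  | database\.yml | secrets\.yml | credentials\.yml\.enc | master\.key
  | web\.config | config\.php
  | [\w-]+\.(?:ini|yml|yaml|xml)
  )
  (?:\.(?:bak|old|orig|save|swp)|~)?
  \z
}x

# Common Log Format: client, identd, user, [timestamp], "METHOD path proto", status, bytes
COMMON_LOG = /\A(?<ip>\S+) \S+ \S+ \[(?<ts>[^\]]+)\] "(?<method>[A-Z]+) (?<path>\S+)(?: [^"]*)?" (?<status>\d{3}) (?<bytes>\S+)/

# Returns a hash for one log line, or nil when the line does not parse.
def parse_log_line(line)
  m = COMMON_LOG.match(line)
  return nil unless m
  {
    ip: m[:ip],
    time: m[:ts],
    method: m[:method],
    path: m[:path].split("?", 2).first, # drop any query string before matching
    status: m[:status].to_i
  }
end

def config_file_path?(path)
  CONFIG_FILE_PATTERN.match?(path)
end

# 2xx responses to config-file paths: the server actually handed the file out.
def exposed_config_hits(lines)
  lines.filter_map { |l| parse_log_line(l) }
       .select { |r| config_file_path?(r[:path]) && (200..299).cover?(r[:status]) }
end

# 4xx responses to config-file paths: nothing leaked, but someone is probing.
def config_probe_attempts(lines)
  lines.filter_map { |l| parse_log_line(l) }
       .select { |r| config_file_path?(r[:path]) && (400..499).cover?(r[:status]) }
end

# Clients that requested config-file paths at all, with a request count each.
def probing_clients(lines)
  (exposed_config_hits(lines) + config_probe_attempts(lines))
    .group_by { |r| r[:ip] }
    .transform_values(&:size)
end

# Constructed sample log lines (addresses from documentation ranges, not real traffic).
SAMPLE_ACCESS_LOG = [
  '203.0.113.5 - - [10/Mar/2025:12:00:01 +0000] "GET /config/database.yml HTTP/1.1" 200 412 "-" "curl/8.4.0"',
  '203.0.113.5 - - [10/Mar/2025:12:00:02 +0000] "GET /.env HTTP/1.1" 404 153 "-" "curl/8.4.0"',
  '198.51.100.7 - - [10/Mar/2025:12:00:03 +0000] "GET /assets/app.css HTTP/1.1" 200 9001 "-" "Mozilla/5.0"',
  '203.0.113.5 - - [10/Mar/2025:12:00:04 +0000] "GET /config/database.yml.bak HTTP/1.1" 200 420 "-" "curl/8.4.0"',
  '203.0.113.5 - - [10/Mar/2025:12:00:05 +0000] "GET /.git/config HTTP/1.1" 403 162 "-" "curl/8.4.0"'
].freeze

if __FILE__ == $PROGRAM_NAME
  exposed_config_hits(SAMPLE_ACCESS_LOG).each { |h| puts "EXPOSED  #{h[:ip]} #{h[:path]} (#{h[:status]})" }
  config_probe_attempts(SAMPLE_ACCESS_LOG).each { |h| puts "PROBE    #{h[:ip]} #{h[:path]} (#{h[:status]})" }
  probing_clients(SAMPLE_ACCESS_LOG).each { |ip, n| puts "CLIENT   #{ip}: #{n} config-file requests" }
end
```

A 200 for a config-file path is the incident; the 4xx probes from the same client are the early warning that should feed the monitoring step in the remediation list. Run the script against a real access log by replacing SAMPLE_ACCESS_LOG with `File.readlines(path, chomp: true)`.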
Remediation
Mitigation strategies focus on access control, deployment hygiene, and file security:
- Move Configuration Files Out of Web Root: Store sensitive files outside of directories accessible via the web.
- Restrict Access via Web Server Configuration: Deny HTTP access to configuration files using .htaccess, nginx rules, or server directives.
- Use Environment Variables: Store sensitive information in environment variables rather than directly in files where possible.
- Secure File Permissions: Apply minimal permissions, allowing only the application to read configuration files.
- Remove Backup or Development Files: Ensure development, test, or backup configuration files are not deployed to production.
- Encrypt Sensitive Values: Where feasible, encrypt secrets stored in configuration files.
- Regular Security Testing: Scan for exposed configuration files during automated testing and penetration tests.
- Monitor and Audit Access Logs: Detect unauthorized access attempts to configuration files.
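For a Rails database configuration, the "Use Environment Variables" and "Secure File Permissions" steps above can be applied and verified in a few lines. The Ruby script below is an added example, not code from the original page or from Rails itself: it shows a weak config/database.yml with a literal password beside the hardened form that reads its values through ERB from the environment (which is how Rails renders database.yml), a check that flags literal values under secret-named keys, and a permission check that the file is not group- or world-readable. The YAML contents, host name and credentials are constructed; the list of secret-named keys in SECRET_KEYS is an assumption.

```ruby
require "erb"
require "yaml"
require "tempfile"

# Weak form (constructed): the secret is a literal in the file, so anyone who
# can fetch the file has the database password.
WEAK_DATABASE_YML = <<~YAML
  production:
    adapter: postgresql
    host: db.internal.example
    database: app_production
    username: app
    password: hunter2-literal
YAML

# Hardened form (constructed): the file holds only ERB references; the values
# live in the process environment and never reach the file on disk.
HARDENED_DATABASE_YML = <<~YAML
  production:
    adapter: postgresql
    host: <%= ENV.fetch("DATABASE_HOST") %>
    database: app_production
    username: <%= ENV.fetch("DATABASE_USERNAME") %>
    password: <%= ENV.fetch("DATABASE_PASSWORD") %>
YAML

# Keys whose values should never be literals in a committed file (assumed list).
SECRET_KEYS = %w[password secret secret_key_base token api_key].freeze

# Returns the secret-named keys that carry a literal value instead of an ERB
# expression. Works on the raw text, before ERB, so it sees what is on disk.
def hardcoded_secret_keys(yml_text)
  yml_text.each_line.filter_map do |line|
    m = /\A\s*(?<key>[\w-]+)\s*:\s*(?<value>\S.*)\z/.match(line.chomp)
    next unless m && SECRET_KEYS.include?(m[:key].downcase)
    next if m[:value].start_with?("<%") # value is pulled in at load time, not stored
    m[:key]
  end
end

# Renders database.yml the way Rails does: ERB first, then YAML.
# env_vars are exported into ENV so the template's ENV.fetch calls resolve.
def render_database_config(yml_text, env_vars)
  env_vars.each { |k, v| ENV[k] = v }
  YAML.safe_load(ERB.new(yml_text).result(binding))
end

# Writes a config file so that only the owner can read it (mode 0600).
def write_private_config(path, contents)
  File.open(path, "w", 0o600) { |f| f.write(contents) }
  File.chmod(0o600, path) # perm argument only applies on creation; enforce it anyway
  path
end

# True when no group or other permission bits are set on the file.
def config_file_private?(path)
  (File.stat(path).mode & 0o077).zero?
end

if __FILE__ == $PROGRAM_NAME
  puts "weak config leaks keys:     #{hardcoded_secret_keys(WEAK_DATABASE_YML).inspect}"
  puts "hardened config leaks keys: #{hardcoded_secret_keys(HARDENED_DATABASE_YML).inspect}"
  cfg = render_database_config(HARDENED_DATABASE_YML,
                               "DATABASE_HOST" => "db.internal.example",
                               "DATABASE_USERNAME" => "app",
                               "DATABASE_PASSWORD" => "from-env")
  puts "rendered password source:   #{cfg['production']['password']}"
  Tempfile.create("database.yml") do |f|
    write_private_config(f.path, HARDENED_DATABASE_YML)
    puts "file private after write:   #{config_file_private?(f.path)}"
  end
end
```

The hardcoded_secret_keys check is cheap enough to run as a pre-commit hook or CI step so that a literal password never reaches the repository or a deployment artifact; the permission check belongs in the deploy script, since a file that is unreadable over HTTP can still leak to another local user if it is mode 0644.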