During a vulnerability assessment, you discover that an organization's Apache 2.4 server accepts requests containing URL-encoded "../" sequences and returns files located outside the web-root directory. The security team needs a countermeasure that can be implemented at the web-server layer without touching application code. Which action most directly mitigates this risk?
Enable the ModSecurity module with the OWASP Core Rule Set to drop any request containing directory-traversal patterns.
Disable HTTP keep-alive in httpd.conf so each request closes immediately after a response.
Add the directive "ServerTokens Prod" to hide detailed Apache version information.
Increase the MaxRequestWorkers directive to handle a larger number of simultaneous connections.
ModSecurity can be loaded as a web-application firewall module for Apache, allowing every HTTP request to be inspected before it reaches the application. When paired with the OWASP ModSecurity Core Rule Set, generic traversal-detection rules (for example, IDs 930110 and 930120) block patterns such as "../" and their URL-encoded variants, immediately rejecting malicious requests. Disabling keep-alive only affects connection reuse and does not filter input. Setting ServerTokens to Prod hides version information but offers no input validation. Increasing MaxRequestWorkers adjusts concurrency limits and likewise fails to stop traversal attacks.
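Why a traversal filter has to decode the request path before it matches, shown as an added example that is not part of the original question and is not the Core Rule Set's own logic. The function names, the constructed sample paths and the three-round decode limit are assumptions, and the example goes slightly beyond the text by also handling nested percent-encoding.

```python
import re
from urllib.parse import unquote

# Matches a ".." path segment bounded by "/" or "\" or the string edges.
DOTDOT_SEGMENT = re.compile(r"(?:^|[\\/])\.\.(?:[\\/]|$)")
MAX_DECODE_ROUNDS = 3  # assumption: upper bound on nested percent-encoding


def normalize(uri_path: str) -> str:
    """Percent-decode repeatedly until the value stops changing."""
    current = uri_path
    for _ in range(MAX_DECODE_ROUNDS):
        decoded = unquote(current)
        if decoded == current:
            break
        current = decoded
    return current


def is_traversal(uri_path: str) -> bool:
    """True if the decoded path contains a '..' segment."""
    return bool(DOTDOT_SEGMENT.search(normalize(uri_path)))


def naive_match(uri_path: str) -> bool:
    """Literal substring check with no decoding, kept for comparison."""
    return "../" in uri_path


# Constructed sample request paths (not taken from any real log).
SAMPLES = [
    "/index.html",
    "/docs/../docs/readme.txt",
    "/static/%2e%2e/%2e%2e/conf/app.conf",
    "/static/%252e%252e%252fconf/app.conf",
    "/files/report..final.pdf",
]


def classify(paths):
    """Return (path, naive verdict, decode-then-match verdict) per path."""
    return [(p, naive_match(p), is_traversal(p)) for p in paths]


if __name__ == "__main__":
    for path, naive, decoded in classify(SAMPLES):
        print(f"{path:45} naive={naive!s:5} decoded={decoded}")
```

The literal check misses both encoded samples, while the decode-then-match check flags them and still passes the benign file name that merely contains two dots.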
Certified Ethical Hacker (CEH)
Web Application Hacking