During a pentest you find /.git/ publicly accessible, revealing source files and config with DB creds. Which is the correct immediate remediation and long-term fix?
Delete .git folder from server and change deploy process.
Remove .git only if it contains secrets.
Add .git to robots.txt.
Ignore — attackers already know.
This question is part of this quiz: Cyber Quiz Day 35