- Digital Quality Training and Certification

Making the Web better
Discover Opquast’s missions: Create checklists for site quality, provide Web professionals with a foundation of common culture, animate and sustain an ecosystem of people and entities motivated to improve the Web.
Témoignage de Joachim RobertKissKissBankBank, Web Integrator

When I changed careers, I wanted to bring meaning to my new assignments. Because I felt the need to consider the end user first, I took the Opquast training and then the certification. Thanks to what I learned, I succeeded in my interviews and convinced those who became my team. Opquast gave me the keys to understand quality, but also to find missions that make sense.
Certification
The Opquast certification has already enabled more than 20,000 web professionals to train and have their skills recognized. It allows hundreds of teams and web service providers to acquire a common culture and vocabulary for web activities.
Fiche certifiée de Arnaud Malon
Webmaster
Crédit Mutuel & CIC 940 points
About us
Find all the information about Opquast, who we are, who the team members are, how to contact us.
Our missions
Create repositories of best practices, train and certify professionals and animate an ecosystem of people and organizations determined to make the Web better.

Rule n° 209 - The server does not send the file listing of directories with no index page.

When a website directory does not have a front page (the website image directory, for example), it may be possible to display its contents. For example, if this rule is not followed, a Url such as domain.com/ doc/ may allow access to the complete list of documents on the website, even if they are not online.

#Development #Security

Goal

Prevent the display of lists of files contained in a directory.
improve the server’s security.
Reduce the risk of intrusion.

Solution technique

Configure the server so that it does not return the listing of files found in a directory. For Apache, add for example options –indexes in the .htaccess.

Moyen de contrôle

For each audited site:

Check that the call to a directory without a default page - such as the directory of images, JS scripts or style sheets - does not return the listing of the contents of this folder (this action can however lead to an error page or to a redirect).