ANSSI Hygiène R32

Restreindre les interfaces d'administration

UnveilScan findings mapped to this control

The scanner emits 2 distinct findings on this control. Click "Scan a domain" below to see which of them currently apply to your site, with copy-paste remediation snippets (nginx, Apache, DNS BIND, web-server config).

web.joomla_administrator_exposed ⏱ 30 min

WEB — Joomla administrator exposed

Risk if ignored: /administrator/ reachable from the public internet exposes the admin login to brute-force and credential-stuffing campaigns. Joomscan and similar tooling target this surface continuously.

security

Also maps to 1 other control

ISO 27001:2022 A.8.3 — Access restriction

web.tomcat_default_root_page ⏱ 15 min

WEB — Tomcat default root page

Risk if ignored: Default Tomcat ROOT landing page reachable on the apex is the strongest signal of an unhardened production host. It correlates with /manager/, /host-manager/, /examples/, /docs/ also being deployed — each with its own CVE history.

security operational

Also maps to 2 other controls