I don’t even know what my question is exactly, 
but I’ll try to explain it here.
So I’ve designed a page template for a website that uses neither URL Rewriting (URLs easily reveal directory structure) nor a router and my concern is that I’ve made use of Ajax a number of times in this template and I have clearly written the exact paths to the scripts that use a web service on another server to provide data that I need, so I worry if a user takes a look at the source (view page source / inspect element / etc…) and they can know too much about the website!
Am I causing a risk here to the website? If yes then how should I write the urls in my ajax calls?
Just in case: The Indexes option is also turned off but the exact paths to the scripts make the server run them.
Thank you for your help in advance.
URL Rewrite has nothing to do with web security. If you make your website with standard and modern methodologies, then you shouldn’t worry. But if you made a website with a lot of security holes by using outdated code, then obviously you should be throw away the entire website and start from scratch. Start using up to date code and you shouldn’t have to worry about anything.
2 Likes
This topic was automatically closed 91 days after the last reply. New replies are no longer allowed.