We have done vulnerability analysis with third party security team. They have mentioned one point as critical findings but i don’t understand risk associated with it and suggested remedial action also bit confusing.
Finding : Same web application can be access by two different URLS.
Ex: http://1.1.1.1/abc, http://example.com/abc
Remedial Action : Upgrade PHP Version and
Modify the HTTP ETag header of the web server to not include file inodes in the
ETag header calculation.
Could you please tell me someone what are the risks associated with accessing same application with It IP address and Domain name?