Emmanuel E wrote:
Hi, Is there any way to disable PUT DELETE and TRACE methods on Apache? User authentication is one way but then it still allows authenticated users touse those methods.
There is no PUT or DELETE unless you are loading and setting Dav On. There is no reason to disable TRACE (vulnerability blah blah blah MS can't write a safe client blah blah blah). However see TraceEnable in 1.3.34/2.0.55 if you are inclined to be so silly.
On Windows since Apache runs as system it does have full access permissions to all files. From what I've been able to glean on google setting proper process and file permissions seems to be the way to go. Does anyone know what would be needed to be done on Windows?
http://httpd.apache.org/docs/2.0/platform/windows.html#winsvc --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|