Disable TRACE HTTP method on Apache 1.3.33

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

To: <users@xxxxxxxxxxxxxxxx>
Subject: Disable TRACE HTTP method on Apache 1.3.33
From: "Yaniv Ofer" <Ofer.Yaniv@xxxxxxxxxxxx>
Date: Tue, 13 Feb 2007 13:00:45 +0200
Delivered-to: mailing list users@xxxxxxxxxxxxxxxx
Mailing-list: contact users-help@xxxxxxxxxxxxxxxx; run by ezmlm
Reply-to: users@xxxxxxxxxxxxxxxx
Thread-index: AcdPXjZIsT0yALhlRXCYpd5OykxVQg==
Thread-topic: Disable TRACE HTTP method on Apache 1.3.33

Title: Disable TRACE HTTP method on Apache 1.3.33

Hello

Our application is running over Apache 1.3.33.

As a result of a failed security test, we have been asked to disable the TRACE HTTP method on our Apache Server.

Could you please refer me to a configuration/patch/fix that would disable the TRACE HTTP method for Apache 1.3.33 Server?

Our Server should refuse the following HTTP TRACE request:

==========================================================

TRACE /inbox?Uid=379%2D100 HTTP/1.1

Host: 172.17.129.61:50084

==========================================================

Our current server replies with 200 OK for that request.

Thanks

Ofer

Follow-Ups:
- RE: Disable TRACE HTTP method on Apache 1.3.33
  - From: Chirouze Olivier
- Re: Disable TRACE HTTP method on Apache 1.3.33
  - From: Pid

Prev by Date: Re: Trying to install Apache 2.2.4 on AIX 5.3
Next by Date: Re: Disable TRACE HTTP method on Apache 1.3.33
Previous by thread: Best practice for mod_proxy_ajp/balancer in apache-2.2.4?
Next by thread: Re: Disable TRACE HTTP method on Apache 1.3.33
Index(es):
- Date
- Thread

[Index of Archives] [Open SSH Users] [Linux ACPI] [Linux Kernel] [Linux Laptop] [Kernel Newbies] [Security] [Netfilter] [Bugtraq] [Squid] [Yosemite News] [MIPS Linux] [ARM Linux] [Linux Security] [Linux RAID] [Samba] [Video 4 Linux] [Device Mapper]

Powered by Linux