Hello
Our application is running over Apache 1.3.33.
As a result of a failed security test, we have been asked to disable the TRACE HTTP method on our Apache Server.
Could you please refer me to a configuration/patch/fix that would disable the TRACE HTTP method for Apache 1.3.33 Server?
Our Server should refuse the following HTTP TRACE request:
==========================================================
TRACE /inbox?Uid=379%2D100 HTTP/1.1
Host: 172.17.129.61:50084
==========================================================
Our current server replies with 200 OK for that request.
Thanks
Ofer