Hi,
If I recall well, yuo can use the <Limit> option:
<Limit TRACE>
Deny all
</Limit>
Rgds,
Gergely POLONKAI
Jeroen Vriezen írta:
> Hello,
>
> Currently we are using Apache 2.0.46. On the 1.3.x version we always
> used the following mod_rewrite rule to disable the TRACE option:
>
> RewriteEngine on
> RewriteCond %{REQUEST_METHOD} ^TRACE
> RewriteRule .* - [F]
>
> When using these rules on Apache 2.0.46, TRACE is still possible.
> Beside the fact that the whole TRACK & TRACE
> "security issue" is not that interesting, I still wonder how TRACE can
> be disabled in Apache 2.0.46. I've also tried the TraceEnable option
> but that
> options seems to be supported in 2.0.55 and later only.
>
> Hope someone can point me in the right direction.
>
> Kind Regards,
>
> Jeroen.
>
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
" from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|