Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

apache TRACE/TRACK disable

Discussion in 'EasyApache' started by mickalo, Nov 24, 2008.

  1. mickalo

    mickalo Well-Known Member

    Joined:
    Apr 16, 2002
    Messages:
    782
    Likes Received:
    5
    Trophy Points:
    318
    Location:
    N.W. Iowa
    I've been informed that using Apache TRACE/TRACK method is can cause security issues. How does one disable this, couldn't find anything in the httpd.conf file referencing this. We running Apache 2.2.10 w/latest Stable Cpanel.

    Thx's

    Mike
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    #1 mickalo, Nov 24, 2008
  2. nickp666

    nickp666 Well-Known Member

    Joined:
    Jan 28, 2005
    Messages:
    769
    Likes Received:
    2
    Trophy Points:
    168
    Location:
    /dev/null
    mod_security will help in this instance, here is a rule that will do it

    Code:
    # deny TRACE method
SecRule REQUEST_METHOD "trac(?:e|k)" \
	"phase:1,t:lowercase,id:340002,rev:2,severity:2,msg:'TRACE/TRACK method denied'"
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    #2 nickp666, Nov 25, 2008
  3. mickalo

    mickalo Well-Known Member

    Joined:
    Apr 16, 2002
    Messages:
    782
    Likes Received:
    5
    Trophy Points:
    318
    Location:
    N.W. Iowa
    thanks for the info, we'll add it to mod security rules.

    Mike
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    #3 mickalo, Nov 25, 2008
(You must log in or sign up to post here.)
Loading...
Similar Threads - apache TRACE TRACK
  1. bejbi

    New Thread release of PHP 7.3 in easyapache ?

    bejbi, Dec 8, 2018 at 12:53 PM, in forum: EasyApache
    Replies:
    1
    Views:
    105
    Infopro
    Dec 8, 2018 at 2:17 PM
  2. Kanyarut R.

    New Thread EasyApache 4 Update Error

    Kanyarut R., Dec 7, 2018 at 9:35 PM, in forum: EasyApache
    Replies:
    0
    Views:
    69
    Kanyarut R.
    Dec 7, 2018 at 9:35 PM
  3. supcp

    New Thread EasyApache Passenger/htaccess issues

    supcp, Dec 7, 2018 at 12:10 PM, in forum: EasyApache
    Replies:
    1
    Views:
    84
    supcp
    Dec 7, 2018 at 12:18 PM
  4. Stanislav.Anv

    Clean installation (Apache php only)

    Stanislav.Anv, Dec 7, 2018 at 1:39 AM, in forum: Workarounds and Optimization
    Replies:
    4
    Views:
    84
    cPanelLauren
    Dec 7, 2018 at 11:25 AM
  5. David_spm

    Apache down: 'lynx: Can't access startfile http://localhost/whm-server-status'

    David_spm, Dec 6, 2018 at 6:01 AM, in forum: EasyApache
    Replies:
    8
    Views:
    173
    David_spm
    Dec 7, 2018 at 6:34 PM

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...
    Dismiss Notice