Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

apache TRACE/TRACK disable

Discussion in 'EasyApache' started by mickalo, Nov 24, 2008.

  1. mickalo

    mickalo Well-Known Member

    Joined:
    Apr 16, 2002
    Messages:
    774
    Likes Received:
    4
    Trophy Points:
    318
    Location:
    N.W. Iowa
    I've been informed that using Apache TRACE/TRACK method is can cause security issues. How does one disable this, couldn't find anything in the httpd.conf file referencing this. We running Apache 2.2.10 w/latest Stable Cpanel.

    Thx's

    Mike
     
    #1 mickalo, Nov 24, 2008
  2. nickp666

    nickp666 Well-Known Member

    Joined:
    Jan 28, 2005
    Messages:
    770
    Likes Received:
    2
    Trophy Points:
    168
    Location:
    /dev/null
    mod_security will help in this instance, here is a rule that will do it

    Code:
    # deny TRACE method
SecRule REQUEST_METHOD "trac(?:e|k)" \
	"phase:1,t:lowercase,id:340002,rev:2,severity:2,msg:'TRACE/TRACK method denied'"
     
    #2 nickp666, Nov 25, 2008
  3. mickalo

    mickalo Well-Known Member

    Joined:
    Apr 16, 2002
    Messages:
    774
    Likes Received:
    4
    Trophy Points:
    318
    Location:
    N.W. Iowa
    thanks for the info, we'll add it to mod security rules.

    Mike
     
    #3 mickalo, Nov 25, 2008
(You must log in or sign up to post here.)
Loading...
Similar Threads - apache TRACE TRACK
  1. xml

    New Thread After upgrade from EasyApache3 to EasyApache4

    xml, Apr 21, 2018 at 12:12 PM, in forum: EasyApache
    Replies:
    2
    Views:
    43
    24x7server
    Apr 22, 2018 at 9:15 AM
  2. AzurelinkCP

    EasyApache 4: Unaffected means uninstall

    AzurelinkCP, Apr 19, 2018 at 11:13 AM, in forum: EasyApache
    Replies:
    11
    Views:
    69
    cPanelMichael
    Apr 20, 2018 at 9:59 AM
  3. Nile Youth

    This system has the following Apache override templates installed

    Nile Youth, Apr 12, 2018, in forum: EasyApache
    Replies:
    1
    Views:
    62
    Infopro
    Apr 12, 2018
  4. ca2236

    Apache Global Configuration

    ca2236, Apr 10, 2018, in forum: EasyApache
    Replies:
    6
    Views:
    79
    cPanelLauren
    Apr 10, 2018
  5. shazde

    Apache mod_userdir Tweak config file

    shazde, Apr 9, 2018, in forum: General Discussion
    Replies:
    2
    Views:
    53
    cPanelLauren
    Apr 10, 2018

Share This Page