The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

apache TRACE/TRACK disable

Discussion in 'EasyApache' started by mickalo, Nov 24, 2008.

  1. mickalo

    mickalo Well-Known Member

    Joined:
    Apr 16, 2002
    Messages:
    774
    Likes Received:
    4
    Trophy Points:
    318
    Location:
    N.W. Iowa
    I've been informed that using Apache TRACE/TRACK method is can cause security issues. How does one disable this, couldn't find anything in the httpd.conf file referencing this. We running Apache 2.2.10 w/latest Stable Cpanel.

    Thx's

    Mike
     
    #1 mickalo, Nov 24, 2008
  2. nickp666

    nickp666 Well-Known Member

    Joined:
    Jan 28, 2005
    Messages:
    770
    Likes Received:
    2
    Trophy Points:
    168
    Location:
    /dev/null
    mod_security will help in this instance, here is a rule that will do it

    Code:
    # deny TRACE method
SecRule REQUEST_METHOD "trac(?:e|k)" \
	"phase:1,t:lowercase,id:340002,rev:2,severity:2,msg:'TRACE/TRACK method denied'"
     
    #2 nickp666, Nov 25, 2008
  3. mickalo

    mickalo Well-Known Member

    Joined:
    Apr 16, 2002
    Messages:
    774
    Likes Received:
    4
    Trophy Points:
    318
    Location:
    N.W. Iowa
    thanks for the info, we'll add it to mod security rules.

    Mike
     
    #3 mickalo, Nov 25, 2008
(You must log in or sign up to post here.)
Loading...
Similar Threads - apache TRACE TRACK
  1. Maxence

    SOLVED EasyApache 4 & HTTP2 & Cloudlinux

    Maxence, Jul 25, 2017 at 9:56 AM, in forum: EasyApache
    Replies:
    2
    Views:
    32
    Maxence
    Jul 25, 2017 at 10:44 AM
  2. linux4me2

    Apache Global Configuration for MPM Event

    linux4me2, Jul 20, 2017 at 1:30 PM, in forum: EasyApache
    Replies:
    9
    Views:
    145
    linux4me2
    Jul 22, 2017 at 11:00 AM
  3. Sebastian Shin

    Apache & Tomcat port confliction issue

    Sebastian Shin, Jul 20, 2017 at 12:27 PM, in forum: General Discussion
    Replies:
    1
    Views:
    30
    cPanelMichael
    Jul 20, 2017 at 12:48 PM
  4. mtindor

    SOLVED EasyApache 3 and WHM 66

    mtindor, Jul 20, 2017 at 10:38 AM, in forum: EasyApache
    Replies:
    3
    Views:
    46
    mtindor
    Jul 20, 2017 at 11:05 AM
  5. gentlemedia

    SOLVED Modify apache config file directly

    gentlemedia, Jul 20, 2017 at 9:28 AM, in forum: Workarounds and Optimization
    Replies:
    2
    Views:
    41
    gentlemedia
    Jul 20, 2017 at 9:58 AM

Share This Page