The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

apache TRACE/TRACK disable

Discussion in 'EasyApache' started by mickalo, Nov 24, 2008.

  1. mickalo

    mickalo Well-Known Member

    Joined:
    Apr 16, 2002
    Messages:
    774
    Likes Received:
    4
    Trophy Points:
    18
    Location:
    N.W. Iowa
    I've been informed that using Apache TRACE/TRACK method is can cause security issues. How does one disable this, couldn't find anything in the httpd.conf file referencing this. We running Apache 2.2.10 w/latest Stable Cpanel.

    Thx's

    Mike
     
    #1 mickalo, Nov 24, 2008
  2. nickp666

    nickp666 Well-Known Member

    Joined:
    Jan 28, 2005
    Messages:
    770
    Likes Received:
    2
    Trophy Points:
    18
    Location:
    /dev/null
    mod_security will help in this instance, here is a rule that will do it

    Code:
    # deny TRACE method
SecRule REQUEST_METHOD "trac(?:e|k)" \
	"phase:1,t:lowercase,id:340002,rev:2,severity:2,msg:'TRACE/TRACK method denied'"
     
    #2 nickp666, Nov 25, 2008
  3. mickalo

    mickalo Well-Known Member

    Joined:
    Apr 16, 2002
    Messages:
    774
    Likes Received:
    4
    Trophy Points:
    18
    Location:
    N.W. Iowa
    thanks for the info, we'll add it to mod security rules.

    Mike
     
    #3 mickalo, Nov 25, 2008
(You must log in or sign up to post here.)
Loading...
Similar Threads - apache TRACE TRACK
  1. elmister

    Apache not recognizing servername randomly

    elmister, May 25, 2017 at 8:09 AM, in forum: EasyApache
    Replies:
    2
    Views:
    19
    elmister
    May 25, 2017 at 8:46 AM
  2. Mufti Ardian

    about upgrade Apache 2.4 & PHP 5.6

    Mufti Ardian, May 25, 2017 at 7:23 AM, in forum: EasyApache
    Replies:
    2
    Views:
    20
    cPanelMichael
    May 25, 2017 at 8:07 AM
  3. Hostmavi

    EasyApache 4 Issues with Internet Explorer

    Hostmavi, May 20, 2017 at 10:32 AM, in forum: EasyApache
    Replies:
    4
    Views:
    77
    cPanelMichael
    May 25, 2017 at 2:38 PM
  4. cPStacy

    EasyApache 4 Update - May 16 and 17, 2017

    cPStacy, May 18, 2017, in forum: EasyApache
    Replies:
    0
    Views:
    133
    cPStacy
    May 18, 2017
  5. cmonego

    Webmail redirects to defaultwebpage.cgi after easyapache upgrade for version 4

    cmonego, May 18, 2017, in forum: EasyApache
    Replies:
    3
    Views:
    77
    Infopro
    May 20, 2017 at 10:20 AM

Share This Page