Solution
In latest Apache (2.2 and later) The TraceEnable directive can be used to disable TRACE method:
all you have to do is add following line in conf/httpd.conf:
TraceEnable Off
Validation
1. Using telnet application, open a connection to you web server:
go to command prompt adn type
telnet <server-name-or-IP> <port_number> : ex - telnet 10.192.152.23 80
2. Once connected, type the following:
TRACE / HTTP/1.1
Hit ENTER key twice.
Hit ENTER key twice.
you shoud be seeing something like below..
TraceEnable off <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html>
<head>
<title>400 Bad Request</title>
</head>
<body>
<h1>Bad Request</h1>
<p>Your browser sent a request that this server could not understand.<br /></p>
</body>
</html>
all done !! go ahead..
No comments:
Post a Comment