Racker Hacker

Apache: Disable TRACE and TRACK methods

Lots of PCI Compliance and vulnerability scan vendors will complain about TRACE and TRACK methods being enabled on your server. Since most providers run Nessus, you'll see this fairly often. Here's the rewrite rules to add:

RewriteEngine on
RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK)
RewriteRule .* - [F]

These directives will need to be added to each VirtualHost.

Further reading:
Apache Debugging Guide

This entry was posted on 28/08/2007 (Tuesday) at 6:27 pm and is filed under Posts. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

Printed from: http://rackerhacker.com/2007/08/28/apache-disable-trace-and-track-methods/ .
© Major Hayden 2010.

1 Comment   »

• ace says:

  29.08.07 at 13:34

  For apache version 1.3.34 (or later 1.3.x versions), or apache 2.0.55 (or later), this has been made easy. Just add the line TraceEnable off

Trackbacks/Pingbacks

1. Racker Hacker » Posts In Progress » Plesk: Disabling TRACE/TRACK methods globally

RSS feed for comments on this post , TrackBack URI

• • Home
  • About the Racker Hacker
  • MySQLTuner
  • Favorite Mac Apps

• My Sites

  • Major's Posterous
  • MySQLTuner
  • PleskHacker

• Social Media

  • Facebook
  • Flickr
  • LinkedIn
  • Twitter

• Web Links

  • 5dollarwhitebox
  • langui.sh
  • rjamestaylor.com
  • Steven Crowder
  • Stuffleufagus
  • Transcend Linux

• RackerHacker's Tweets

  • @hooobs You have Big Bear in there? ;-) in reply to hooobs 31 mins ago
  • New COO at Canonical: http://is.gd/aKFz3 3 hrs ago
  • @hjv That was my favorite part of the video. @h1nch was cackling during that part as well. ;-) in reply to hjv 3 hrs ago
  • Piano Improv man on Chat Roulette makes me laugh so hard I cry http://post.ly/TCIb 4 hrs ago
  • I don't know what I'd do if I saw this on the interstate http://post.ly/TB73 5 hrs ago
  • More updates...

• Recent Comments

  • daniel on Syncing an iPhone with a new Mac without hassles
  • daniel on Syncing an iPhone with a new Mac without hassles
  • MonkeyAss on Automatically starting synergy in GDM in Ubuntu/Fedora
  • Torres on Requiring SSL encryption for Wordpress administration
  • Steffen on MySQL: Errcode: 24 when using LOCK TABLES

• Random Posts

  • qmail: This message is looping: it already has my Delivered-To line
  • AWStats icons don't appear in Plesk 8.1
  • Show hidden dot files in proftpd
  • Parsing HTML through PHP in Plesk
  • Deleting all e-mail messages in your inbox with mutt

• Tags

  apache blog command line database debian development emergency encryption fedora filesystem ftp fun general advice horde iowait iptables kernel kernel panics linux mac mail memory mysql mysqltuner networking optimization performance perl php plesk procmail qmail red hat rpm screencasts security sendmail ssh ssl sysadmin ubuntu vmware web wordpress yum