httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Mauricio Cavalcanti" <mauriciopcavalca...@hotmail.com>
Subject [users@httpd] TRACE again
Date Mon, 02 Aug 2004 18:20:54 GMT
Hi,
i made some changes in httpd.conf to my nessus stop boring me with TRACE 
"Vulnerability".

I put 3 lines:
RewriteEngine on
RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK)
RewriteRule .* - [F]

in each VH configured in httpd.conf

When i run nessus again, this "vulnerability" disapear in VH that uses port 
80, but not in VH using 443 port.

I made a copy/paste... so no human fail.

Anyone knows what i can do to make this "vulnerability" in apache running in 
443 port disapear?

Thanks in advance,
Mauricio.

_________________________________________________________________
MSN Hotmail, o maior webmail do Brasil.  http://www.hotmail.com


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message