Knowledgebase: Site Functions
Disable Trace or Track Method
Posted by H9 Admin on 05 May 2015 11:51 AM

If you have VPS or Dedicated server hosting, you may want to disable the TRACE or TRACK methods for the Apache web server. Disabling it is also required for PCI Compliancy, if that's of interest to you. It's super easy to disable tracing for Apache if you're using a cPanel-based server.

Disable TRACE or TRACK Method

To disable TRACE or TRACK:

  1. Log into your cPanel's hosting admin panel, Web Hosting Manager (WHM)

  2. Click Service Configuration, from the left-hand side navigation menu

    Service Configuration

  3. Click Apache Configuration

  4. Click Global Configuration

    Global Configuration
  5. In the Trace Enable section toggle or select the option Off

  6. Scroll down and click Save 

  7. On the next page, click Rebuild Configuration and Restart Apache to restart the Apache Web Server

Verify It's Disabled

After this is done you should verify that Apache TRACE method has in fact been disabled for your VPS or Dedicated server. To do this you can perform one of the two options below.

Perform an Internal Test from SSH Shell

telnet localhost 80

You should see that the system is waiting on a character. This proves that the connection cannot be made, which is what you want. Exit out of this by pressing CTRL + C on your keyboard.

Perform an External Test from a Remote Web Site

  1. Go here: http://web-sniffer.net/

  2. Enter your domain name or IP address for your web server

  3. Enter the reCaptcha code and click Submit

    After the test finishes, you will see the following message in the HTTP Response Headers:

    HTTP Status Code: HTTP/1.1 405 Method Not Allowed


Attachments 
 
 globalconfiguration.png (74.80 KB)
 serviceconfiguration.png (33.86 KB)
(1 vote(s))
This article was helpful
This article was not helpful

Comments (0)
Post a new comment
 
 
Full Name:
Email:
Comments:
Help Desk Software by Kayako fusion