Disable Trace or Track Method
Posted by H9 Admin on 05 May 2015 11:51 AM
If you have VPS or Dedicated server hosting, you may want to disable the TRACE or TRACK methods for the Apache web server. Disabling it is also required for PCI Compliancy, if that's of interest to you. It's super easy to disable tracing for Apache if you're using a cPanel-based server.
Disable TRACE or TRACK Method
To disable TRACE or TRACK:
Verify It's Disabled
After this is done you should verify that Apache TRACE method has in fact been disabled for your VPS or Dedicated server. To do this you can perform one of the two options below.
Perform an Internal Test from SSH Shell
telnet localhost 80
You should see that the system is waiting on a character. This proves that the connection cannot be made, which is what you want. Exit out of this by pressing CTRL + C on your keyboard.
Perform an External Test from a Remote Web Site