Posted on July 24, 2013 at 11:03 am

TRACE and TRACK are HTTP request methods used for debugging purposes. Having these request methods enabled in your web server may lead to security risk that may compromise the security of your website and an attacker may manipulate these HTTP request methods to steal sensitive data of users.

Disable Trace and Track with mod_rewrite

Add these lines of code in your .htaccess file:

RewriteEngine on
RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK)
RewriteRule .* - [F]

Returns a 403 Forbidden error response to the attacker.

Disable Trace with Apache

Edit this Apache configuration file:

/etc/apache2/conf.d/security

Disable TRACE:

TraceEnable Off

Reload Apache:

/etc/init.d/apache2 reload

Updated on October 22, 2013 at 4:01 pm

Other Posts

• Download Latest Raspbian ISO for Raspberry Pi
• What is Default Raspbian Raspberry Pi Password
• How to Install Pi-Hole on Raspbian for Raspberry Pi
• 3 Cards in a Row with Bootstrap 4.4
• Debug 502 Errors in Google Cloud Load Balancer
• Python if-then-else in one line example
• How to urlencode() an URL in Python3
• Install Required Fonts for Puppeteer

Updated Posts

• How to Disable Hibernation on Windows 10
• Disable Windows Defender on Windows 10 via Regedit
• Install Latest NVIDIA Drivers for Windows 10
• How to improve security of encrypted hard disks
• Get Server IP Address with Ifconfig and IP in Bash
• bash: ipconfig: command not found
• Check if a number is within a range in bash
• Linux Commands to Check HDD from Rescue Mode