Posted on July 24, 2013 at 11:03 am

TRACE and TRACK are HTTP request methods used for debugging purposes. Having these request methods enabled in your web server may lead to security risk that may compromise the security of your website and an attacker may manipulate these HTTP request methods to steal sensitive data of users.

Disable Trace and Track with mod_rewrite

Add these lines of code in your .htaccess file:

RewriteEngine on
RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK)
RewriteRule .* - [F]

Returns a 403 Forbidden error response to the attacker.

Disable Trace with Apache

Edit this Apache configuration file:

/etc/apache2/conf.d/security

Disable TRACE:

TraceEnable Off

Reload Apache:

/etc/init.d/apache2 reload

Updated on October 22, 2013 at 4:01 pm

Other Posts

• How to Clone a Virtual Machine on VirtualBox via Command-Line
• How to Mount a Shared Folder on VirtualBox Windows Guest
• How to Install VirtualBox Guest Additions on Windows Guest
• Add Shared Folder on VirtualBox VM via Command-Line on Debian
• How to Install a .Deb File on Debian Linux via Command-Line
• Install VirtualBox 6.0 on Debian 10 Buster
• Install Windows 7 Guest on VirtualBox Debian Host (Command-Line)
• Create or Restore a VirtualBox Snapshot on Debian (Command-Line)

Updated Posts

• Run a Program Inside a VirtualBox Guest VM from Host via Command-line
• Disable User Account Control (UAC) in Windows 10
• Get the Output of a Program in a Variable in Bash
• Automatically Renew Let's Encrypt Certificates (Nginx)
• Capture Multiple Line Output Into a Bash Variable
• How to Extract Domain from URL in Bash
• Get Local File Permissions from Command-Line on Linux
• Disable Driver Signature Enforcement on Windows 7 64-bit