How To Disable TRACE/TRACK Method in Apache And Test: Revision

Last updated by Portlin Admin

Step1: Login to server and make following changes in httpd.conf
 

Example: Apache Installation Path /app/apache-2.4.35/
Assume: Server IP is 192.168.0.200

]$ sudo vi /app/apache-2.4.35/conf/httpd.conf
TraceEnable off


]$sudo /app/apache-2.4.35/bin/apachectl -k restart
 


Step2: Test

]$ telnet 192.168.0.200 80
Trying 115.110.93.59...
Connected to
192.168.0.200.
Escape character is '^]'.
TRACE / HTTP/1.0
HOST:
192.168.0.200
TESTA: Hello
TESTB: World
<- Press Double Enter Here

HTTP/1.1 405 Method Not Allowed
Date: Wed, 09 Jan 2019 05:07:45 GMT
Server: Apache/2.4.35 (Unix) PHP/7.2.10
Allow:
Content-Length: 223
Connection: close
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>405 Method Not Allowed</title> <- TRACE Is Disabled
</head><body>
<h1>Method Not Allowed</h1>
<p>The requested method TRACE is not allowed for the URL /.</p> <- TRACE Is Disabled
</body></html>
Connection closed by foreign host.