1
Bin kürzlich auf das folgende gestoßen und würde gerne wissen, was ihr dazu sagt, also ob das ganze sinnvoll und wichtig ist oder nicht so.
Disable HTTP Trace Method
There is a security attack technique called Cross Site Tracing (XST) which can be used together with another attack mechanism called Cross Site Scripting (XSS) which exploits systems which have HTTP TRACE functionality. HTTP TRACE is a default functional feature on most webservers and is used for things like debugging. Hackers who use XST will usually steal cookie and other sensitive server information via header requests.
You can disable the trace functionality either via your Apache configuration file or by putting the following in your .htaccess file:
Disable HTTP Trace Method
There is a security attack technique called Cross Site Tracing (XST) which can be used together with another attack mechanism called Cross Site Scripting (XSS) which exploits systems which have HTTP TRACE functionality. HTTP TRACE is a default functional feature on most webservers and is used for things like debugging. Hackers who use XST will usually steal cookie and other sensitive server information via header requests.
You can disable the trace functionality either via your Apache configuration file or by putting the following in your .htaccess file:
RewriteEngine On
RewriteCond %{REQUEST_METHOD} ^TRACE
RewriteRule .* - [F]