disable HTTP trace on Apache

Posted on 2005-04-08
Last Modified: 2008-02-01
I have been told that enabling HTTP TRACE support on Apache poses a security risk. I want to disable this and I know that its not as simple as modifying the httpd.conf file. Here are the instruction I got for disabling HTTP TRACE:
If you are using Apache, you can use mod_rewrite to disable the TRACE and TRACK methods. Add the following lines in the main part of your configuration file and for each virtual host (if you use virutal hosts):

RewriteEngine on RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK) RewriteRule .* - [F]

Be sure to add these lines in the main part of the configuration file and, if you use virutal hosts, in every VirtualHost section.
I am not quite sure if I understand the directions. How do I use the mod_rewrite module? Do I have to install it separately? If someone can give me details on how I can make this work, I would really apprecite. I am not too familiar with managing Apache webserver :(
The instruction also talks about add the code to the 'VirtualHost section'. Where exactly is that??
Question by:IUAATech
    LVL 27

    Expert Comment

    you'll need some linebreakes here

    RewriteEngine on
    RewriteRule .* - [F]

    To check if mod_rewrite is loaded: Just place the rules into your <virtualhosts>-Sections.
    > The instruction also talks about add the code to the 'VirtualHost section'. Where exactly is that??
    It looks like, thar you're not using virtualhosts. This is a section at the bottom of httpd.conf. It is inside a <virtualhost ...>....</virtualhost>-Container.

    If you don't use virtual hosts, just place the rules somewhere into "Section 2 Main Server Config" in your httpd.conf. But make sure, it's outside a <Directory>....</Directory>-container

    Author Comment

    >To check if mod_rewrite is loaded: Just place the rules into your <virtualhosts>-Sections.
    Do you mean I should add
    RewriteEngine on
    RewriteRule .* - [F]
    in the virtualhosts section of the httpd.conf file?
    LVL 27

    Accepted Solution

    only, if you're unsing the virtualhosts. if they hava a '#' before each line, you're not unsig them. Add it inside a <Virtualhost> container like

    <Virtualhost *>
       Documentroot /home...
       RewriteEngine on
       RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK)
       RewriteRule .* - [F]

    But if you are not unsing vortualhosts, add the rewriteRules somewhere in "Section 2" of your httpd.conf

    Author Comment


    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    How your wiki can always stay up-to-date

    Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
    - Increase transparency
    - Onboard new hires faster
    - Access from mobile/offline

    As Wikipedia explains 'robots.txt' as -- the robot exclusion standard, also known as the Robots Exclusion Protocol or robots.txt protocol, is a convention to prevent cooperating web spiders and other web robots from accessing all or part of a websit…
    If you are running a LAMP infrastructure, this little code snippet is very helpful if you are serving lots of HTML, JavaScript and CSS-related information. The mod_deflate module, which is part of the Apache 2.2 application, provides the DEFLATE…
    Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
    In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor ( If you're interested in additional methods for monitoring bandwidt…

    759 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    13 Experts available now in Live!

    Get 1:1 Help Now