nohurt
asked on
TRACE / TRACK vulnerability testing
I have Apache httpd server (version 2.2.3) running and our security team has asked that we lock it down to TRACE and TRACK vulnerabilities. i have read that i can use "TraceEnable off" to turn it off, but how do i test before and after to see that it really is an issue and that it is fixed after i make the change?
how do i test it and what should i see as the result?
Also, we redirect all http traffic to https, so is this still an issue?
thanks in advance for you help.
how do i test it and what should i see as the result?
Also, we redirect all http traffic to https, so is this still an issue?
thanks in advance for you help.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.