Home / Linux

Linux

Disable Trace HTTP Request In Apache

 

Objective

By default, the HTTP TRACE request method is enabled in Apache web server.

Having this enabled can allow Cross Site Tracing attack and potentially give an option to a hacker to steal cookie information.

Solution

Disable the HTTP TRACE request method.

Edit your Apache configuration file  /etc/httpd/conf/httpd.conf  or  /etc/apache/httpd.conf  and add the following:

# Disable the HTTP TRACE request method
TraceEnable off

Reload Apache

[root@localhost]#   systemctl reload httpd.service

Use the online Request Method Security Scanner to remotely check your site for which HTTP request methods are allowed. It should list the TRACE method as “Method Not Allowed (405).”

My System Configuration

  • CentOS 7
  • Apache 2.4

 

Install WordPress 5.x with Apache, MariaDB 10 and PHP 7 on CentOS 7.x

WordPress is an open source and free blogging application and a dynamic CMS (Content Management System) developed using MySQL and PHP. It has huge number of third party plugins and themes. WordPress currently one of the most popular blogging platform available on the internet and used by millions of people across the globe.

In this tutorial we are going to explain how to install the popular content management system – WordPress using LAMP (Linux, Apache, MySQL/MariaDB, PHP) on RHEL, CentOS Linux distributions.

Enabling Remi repository

PHP 7.x packages are available in several different repositories. We’ll use the Remi repository which provides newer versions of various software packages including PHP.

Read More »

Contact me
instagram
sms
skype
whatsapp
telegram
phone
email
linkedin
viber
link
Contact Me on Zalo