
How to disable the TRACE method on a Linux server

黄舟 (Original)
2017-05-31 11:36:34

Problem Description


How to turn off the TRACE method on an ECS Linux system.

Problem Analysis


The dangers of leaving the TRACE method enabled

  • Malicious attackers can use the information returned by the TRACE method to learn about components at the front end of the website, such as caching servers, which facilitates the next attack.


  • Malicious attackers can conduct XSS attacks through the TRACE method.


  • Even if the website sets the HttpOnly flag on cookies for key pages and so prohibits scripts from reading cookie information, a malicious attacker can still bypass this restriction and read the cookie information through the TRACE method.

Solution


The TRACE method can be turned off as follows (backing up the configuration file before modifying it is recommended):

  1. Find the server configuration file /etc/httpd/conf/httpd.conf (its location depends on the environment) and add the following as the last line of the file: TraceEnable off

  2. If you are using Apache:
     Confirm that the rewrite module is enabled (in httpd.conf, the following line must not have a # in front of it):

LoadModule rewrite_module modules/mod_rewrite.so

Add the following directives to the configuration of each virtual host:

RewriteEngine On
RewriteCond %{REQUEST_METHOD} ^TRACE
RewriteRule .* - [F]

Note: Search for VirtualHost in httpd.conf to locate the virtual host configuration.

  3. After adding the directives, restart the web service.
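
To confirm that the change took effect after the restart, check how the server answers a TRACE request. The script below is an added example and not part of the original article; it assumes curl and awk are installed, and the function names and sample responses are constructed for illustration. Apache answers 405 when TraceEnable off is in force, 403 when the rewrite rule with [F] matches, and 200 with Content-Type message/http when TRACE is still enabled.

```shell
#!/bin/sh
# Added example: classify the reply to a TRACE probe against your own server.

# trace_verdict reads a raw HTTP response (headers + body) on stdin and prints
# one of: disabled-405, disabled-403, ENABLED, unknown-<status>
trace_verdict() {
    awk '
        { sub(/\r$/, "") }                      # tolerate CRLF line endings
        NR == 1 { status = $2; next }           # e.g. "HTTP/1.1 405 Method Not Allowed"
        !body && $0 == "" { body = 1; next }    # blank line ends the headers
        !body && tolower($0) ~ /^content-type:[ \t]*message\/http/ { echoed = 1 }
        body && /^TRACE[ \t]/ { echoed = 1 }    # request line reflected in the body
        END {
            if (status == "405")                 print "disabled-405"
            else if (status == "403")            print "disabled-403"
            else if (status == "200" && echoed)  print "ENABLED"
            else                                 print "unknown-" status
        }'
}

# check_trace URL: send one TRACE request and classify the reply.
check_trace() {
    curl -s -i -X TRACE --max-time 10 "$1" | trace_verdict
}

# Constructed reply from a server with TRACE still enabled: the request,
# including its Cookie header, is echoed back in the body. This is why the
# HttpOnly flag alone does not protect the cookie while TRACE is on.
sample_enabled() {
    printf 'HTTP/1.1 200 OK\r\nContent-Type: message/http\r\n\r\n'
    printf 'TRACE / HTTP/1.1\r\nHost: www.example.com\r\n'
    printf 'Cookie: session=constructed-value\r\n\r\n'
}

# Constructed replies after each of the two fixes described above.
sample_traceenable_off() {
    printf 'HTTP/1.1 405 Method Not Allowed\r\nAllow: GET,POST,OPTIONS,HEAD\r\n\r\n'
}
sample_rewrite_forbidden() {
    printf 'HTTP/1.1 403 Forbidden\r\nContent-Type: text/html\r\n\r\n<h1>Forbidden</h1>\n'
}

# Usage after restarting the web service (replace the URL with your own host):
#   check_trace http://www.example.com/
```

Run check_trace once per virtual host, because the rewrite rule only protects the hosts it was added to. An unknown-200 result means the server answered TRACE without echoing the request and should be reviewed by hand.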

If the problem cannot be solved, you can go to the Alibaba Cloud community for free consultation, or contact the cloud market merchant for help.
