HTTP TRACE method subject to X site scripting

markus (Verified User, joined Nov 7, 2004, Girona, Catalunya)
Check out these URLs:
http://cgi.nessus.org/plugins/dump.php3?id=11213
http://www.kb.cert.org/vuls/id/867593
http://www.cgisecurity.com/whitehat-mirror/WhitePaper_screen.pdf

In short, how to fix?

Add the following lines to each and every virtual host:
Code:
# Deny (403 Forbidden) any request whose method is TRACE or TRACK
RewriteEngine On
RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK)
RewriteRule .* - [F]

It is better to do this by copying the virtual_host* files in /usr/local/directadmin/data/templates to its "custom" subdirectory and then editing those copies to add the above mod_rewrite directives.

Note: Apache does not allow TRACE in the <Limit> directives, which is why they recommend the fix via mod_rewrite.
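After deploying the rewrite rules, a defender wants to confirm that every virtual host now answers TRACE with a 403 rather than echoing the request back. The following added example (not code from the forum post or from DirectAdmin) implements that check with only the Python standard library. The function trace_is_enabled, the fixture handler classes and the demo helper are names chosen here; the two tiny local HTTP servers are constructed fixtures that imitate an unfixed server and a fixed one, so the check can be exercised offline before pointing it at real hosts.

```python
"""Check whether a web server still honours HTTP TRACE (cross-site tracing exposure).

Added example, not part of the original post. The check is the interesting part;
the two handler classes are constructed fixtures so it can be tested offline.
"""
import http.client
import threading
from http.server import BaseHTTPRequestHandler, HTTPServer


def trace_is_enabled(host, port, path="/", method="TRACE", timeout=5.0):
    """Send a TRACE (or TRACK) request and return True if the server echoes it back.

    A server with TRACE enabled replies 200 with Content-Type message/http and
    the request, headers included, as the body. That reflection is what cross-site
    tracing abuses, so anything other than 2xx + message/http + our marker header
    in the body is treated as blocked (e.g. the 403 produced by RewriteRule [F]).
    """
    conn = http.client.HTTPConnection(host, port, timeout=timeout)
    try:
        # Marker header: lets us confirm the body really is a reflection of our request.
        conn.request(method, path, headers={"X-Trace-Probe": "xst-check"})
        resp = conn.getresponse()
        body = resp.read()
        ctype = resp.getheader("Content-Type", "")
        return (200 <= resp.status < 300
                and ctype.lower().startswith("message/http")
                and b"X-Trace-Probe: xst-check" in body)
    finally:
        conn.close()


class _EchoTraceHandler(BaseHTTPRequestHandler):
    """Constructed fixture: behaves like a server with TRACE left enabled."""

    def do_TRACE(self):
        echoed = (self.requestline + "\r\n" + str(self.headers)).encode()
        self.send_response(200)
        self.send_header("Content-Type", "message/http")
        self.send_header("Content-Length", str(len(echoed)))
        self.end_headers()
        self.wfile.write(echoed)

    def log_message(self, *args):  # keep the fixtures quiet
        pass


class _ForbidTraceHandler(_EchoTraceHandler):
    """Constructed fixture: behaves like a server after the mod_rewrite fix ([F] -> 403)."""

    def do_TRACE(self):
        self.send_response(403)
        self.send_header("Content-Type", "text/html")
        self.send_header("Content-Length", "0")
        self.end_headers()


def _serve(handler):
    """Start a fixture server on a free loopback port; return (server, port)."""
    server = HTTPServer(("127.0.0.1", 0), handler)
    threading.Thread(target=server.serve_forever, daemon=True).start()
    return server, server.server_address[1]


def demo():
    """Run the check against both fixtures; returns (unfixed_result, fixed_result)."""
    results = []
    for handler in (_EchoTraceHandler, _ForbidTraceHandler):
        server, port = _serve(handler)
        try:
            results.append(trace_is_enabled("127.0.0.1", port))
        finally:
            server.shutdown()
            server.server_close()
    return tuple(results)


if __name__ == "__main__":
    unfixed, fixed = demo()
    print("unfixed fixture: TRACE enabled =", unfixed)  # True
    print("fixed fixture:   TRACE enabled =", fixed)    # False
```

To audit a real deployment, call trace_is_enabled against each virtual host (and once with method="TRACK", since the rewrite condition covers both) and expect False everywhere; a True result means that host's template was not updated or mod_rewrite is not active for it. The check deliberately requires the marker header to appear in the body, so a proxy that answers 200 with an unrelated page is not misreported as vulnerable.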