disable host-name in apache

Disable HTTP TRACE or TRACK Request In Httpd (Apache)

Disable HTTP Trace or Track request In  Apache Web Server, we have this vulnerability this allows hackers to take the unauthorised access to the server TRACE and TRACK are two HTTP methods request which are used to debug web applications.

Check Out: Load PHP Module For Apache

By default, That not defined in httpd.conf file. You have to add this by itself. I will show you without adding those line.

curl -X TRACE localhost

curl trace

Now Add these line “TraceEnable off” in httpd.conf file.

turn off tracenable

Check Out: Install LAMP (linux, Apache ,Mysql ,PHP)

Now restart the Apache service

systemctl restart httpd

Again run the below command to make sure you won’t be getting the same output like the previous one. The output should be like this

curl -X TRACE localhost

trace localhost

This mean, you have hidden the server information by putting “ TraceEnable off

That’s it.

Sponsored

LEAVE A REPLY

Please enter your comment!
Please enter your name here

9 − 1 =