disable host-name in apache

Disable HTTP Trace or hide Track request method In Apache Web Server, This can be a vulnerability that allows hackers to take unauthorized access to the server. TRACE and TRACK are two HTTP methods request which is used to debug web applications.

Check Out: Load PHP Module For Apache

Disable HTTP TRACE or TRACK Request In httpd (Apache):

We can also use the below configuration code to turn off these methods in the Apache server. you need to add these codes in each virtual host. if you don’t want these code to put then you can simply disable it.

RewriteEngine on
RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK)

RewriteRule .* - [F]

By default, That not defined in httpd.conf file. You have to add this by itself. I will show you without adding those lines.

curl -X TRACE localhost

Disable HTTP TRACE

Now add these lines “TraceEnable off” in httpd.conf file.

hide trace apache

Check Out: Install LAMP (Linux, Apache, Mysql, PHP)

Now restart the Apache service

systemctl restart httpd

Again run the below command to make sure you won’t be getting the same output as the previous one. you can use your website domain instead of the localhost. The output should be like this

curl -X TRACE localhost 

turn off apache method

This mean, you have hidden the server information by putting “TraceEnable off“

That’s it. turn off apache method hide trace apache

LEAVE A REPLY

Please enter your comment!
Please enter your name here