Hi Apache,
I have the below vulnerability:
CONNECT Method Allowed in HTTP Server Or HTTP Proxy Server Vulnerability:
Tried solutions:
a. Commented the connect module in httpd.conf file : LoadModule
proxy_connect_module modules/mod_proxy_connect.so
b. Changed in httpd-ssl.conf file
# Load Rewrite engine
LoadModule rewrite_module path/to/apache/modules/mod_rewrite.so
#Enable Rewrite engine
RewriteEngine On
# Disable TRACE, TRACK, CONNECT, OPTIONS RewriteCond %{REQUEST_METHOD}
^(TRACE|TRACK|CONNECT|OPTIONS) RewriteRule .* - [F]
But no solutions worked. Can anyone help me to get rid of this vulnerability?
Thanks & Regards,
Surodip Patra
+91-9739883456
________________________________
This message is for the designated recipient only and may contain privileged,
proprietary, or otherwise confidential information. If you have received it in
error, please notify the sender immediately and delete the original. Any other
use of the e-mail by you is prohibited. Where allowed by local law, electronic
communications with Accenture and its affiliates, including e-mail and instant
messaging (including content), may be scanned by our systems for the purposes
of information security and assessment of internal compliance with Accenture
policy.
______________________________________________________________________________________
www.accenture.com
