Emmanuel E wrote:
Hi,
Is there any way to disable PUT DELETE and TRACE methods on Apache? User
authentication is one way but then it still allows authenticated users to
use those methods.
There is no PUT or DELETE unless you are loading and setting Dav On.
There is no reason to disable TRACE (vulnerability blah blah blah MS can't
write a safe client blah blah blah). However see TraceEnable in 1.3.34/2.0.55
if you are inclined to be so silly.
On Windows since Apache runs as system it does have full access permissions
to all files. From what I've been able to glean on google setting proper
process and file permissions seems to be the way to go. Does anyone know
what would be needed to be done on Windows?
http://httpd.apache.org/docs/2.0/platform/windows.html#winsvc
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
" from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
