diff options
author | Micah <micah@leap.se> | 2016-06-16 12:24:01 -0400 |
---|---|---|
committer | Micah <micah@leap.se> | 2016-06-16 14:58:34 -0400 |
commit | 7becc465d726a1dbc1733db5c02c343cdac53d15 (patch) | |
tree | 3f9557b05e915023b22d8205fa77a09b105bc8d2 | |
parent | f2cc9926bcc0d72c8c490583b5eed712a869c4d2 (diff) |
Disable the Trace method (#8195)0.8.1
The Trace method is enabled because of the Apache module, but it is not the
default in Debian, and it should not be enabled, for more information see the
following:
https://www.kb.cert.org/vuls/id/867593
Change-Id: I06a06ae679dbf7049f26a017125b61e5e38f6268
-rw-r--r-- | puppet/modules/site_apache/files/conf.d/security | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/puppet/modules/site_apache/files/conf.d/security b/puppet/modules/site_apache/files/conf.d/security index a5ae5bdc..fdcf6270 100644 --- a/puppet/modules/site_apache/files/conf.d/security +++ b/puppet/modules/site_apache/files/conf.d/security @@ -45,8 +45,8 @@ ServerSignature Off # # Set to one of: On | Off | extended # -#TraceEnable Off -TraceEnable On +TraceEnable Off +#TraceEnable On # Setting this header will prevent other sites from embedding pages from this # site as frames. This defends against clickjacking attacks. |