summaryrefslogtreecommitdiff
path: root/puppet/modules/site_apache/files/conf.d/security
diff options
context:
space:
mode:
authorMicah <micah@leap.se>2016-06-16 12:24:01 -0400
committerMicah <micah@leap.se>2016-06-16 14:55:22 -0400
commit293cdaee6db4a4d0b13a56fcd047819d60f38ce2 (patch)
treef3ba0722d820c2f90f41242d478b8c6aa546cba9 /puppet/modules/site_apache/files/conf.d/security
parent12b00fbf578d88281d3a00f268ffeda460d383d8 (diff)
Disable the Trace method (#8195)
The Trace method is enabled because of the Apache module, but it is not the default in Debian, and it should not be enabled, for more information see the following: https://www.kb.cert.org/vuls/id/867593 Change-Id: I06a06ae679dbf7049f26a017125b61e5e38f6268
Diffstat (limited to 'puppet/modules/site_apache/files/conf.d/security')
-rw-r--r--puppet/modules/site_apache/files/conf.d/security4
1 files changed, 2 insertions, 2 deletions
diff --git a/puppet/modules/site_apache/files/conf.d/security b/puppet/modules/site_apache/files/conf.d/security
index a5ae5bdc..fdcf6270 100644
--- a/puppet/modules/site_apache/files/conf.d/security
+++ b/puppet/modules/site_apache/files/conf.d/security
@@ -45,8 +45,8 @@ ServerSignature Off
#
# Set to one of: On | Off | extended
#
-#TraceEnable Off
-TraceEnable On
+TraceEnable Off
+#TraceEnable On
# Setting this header will prevent other sites from embedding pages from this
# site as frames. This defends against clickjacking attacks.