disallow trace and track on vhosts -> security

author: mh <mh@immerda.ch> 2008-11-30 14:10:09 +0000
committer: mh <mh@immerda.ch> 2008-11-30 14:10:09 +0000
commit: 64cb4ea11550492adbdd36765bb196c078302ac6 (patch)
tree: 4e6d1a36f584c0163b46c1338d22459b4f0283d9 /templates/vhosts/static
parent: fb739f02a60321a0019e93f101d0c6b6352801a6 (diff)
2 files changed, 10 insertions, 0 deletions
diff --git a/templates/vhosts/static/CentOS.erb b/templates/vhosts/static/CentOS.erb
index 1019deb..6739e7b 100644
--- a/templates/vhosts/static/CentOS.erb
+++ b/templates/vhosts/static/CentOS.erb
@@ -21,4 +21,8 @@
     <%- unless additional_options == 'absent' then -%>
     <%= additional_options %>
     <%- end -%>
+
+    RewriteEngine on
+    RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK)
+    RewriteRule .* - [F
 </VirtualHost>
diff --git a/templates/vhosts/static/OpenBSD.erb b/templates/vhosts/static/OpenBSD.erb
index 1c2498b..94ec206 100644
--- a/templates/vhosts/static/OpenBSD.erb
+++ b/templates/vhosts/static/OpenBSD.erb
@@ -32,6 +32,9 @@
     <%- unless additional_options.to_s == 'absent' then -%>
     <%= additional_options %>
     <%- end -%>
+    RewriteEngine on
+    RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK)
+    RewriteRule .* - [F
 </VirtualHost>
 
 <%- unless ssl_mode.to_s == 'false'  then -%>
@@ -64,5 +67,8 @@
     <%- unless additional_options.to_s == 'absent' then -%>
     <%= additional_options %>
     <%- end -%>
+    RewriteEngine on
+    RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK)
+    RewriteRule .* - [F
 </VirtualHost>
 <%- end -%>
author	mh <mh@immerda.ch>	2008-11-30 14:10:09 +0000
committer	mh <mh@immerda.ch>	2008-11-30 14:10:09 +0000
commit	64cb4ea11550492adbdd36765bb196c078302ac6 (patch)
tree	4e6d1a36f584c0163b46c1338d22459b4f0283d9 /templates/vhosts/static
parent	fb739f02a60321a0019e93f101d0c6b6352801a6 (diff)