[Freeipa-users] Can we disable HTTP TRACE / TRACK Method in IPA
Martin Kosek
mkosek at redhat.com
Fri Jul 15 07:29:49 UTC 2016
On 07/15/2016 08:17 AM, Zeal Vora wrote:
> Hi
>
> In our Internal VA, Vulnerability Assessment tools generates the HTTP TRACE /
> TRACK method in IPA as a medium based vulnerability.
>
> Is there a need to allow those two methods in IPA ?
>
> If not, what is the optimal way to disable those methods ?
>
>
> Thanks,
> Zeal
Hello Zeal,
I think it should be safe disabling these methods in FreeIPA Apache
configuration - I do not think FreeIPA uses them.
I added your remark to
https://fedorahosted.org/freeipa/ticket/4431
This is where we plan to harden the FreeIPA Apache instance. If you have any
other ideas that were not captured in the ticket yet, please feel free to share
them with us!
Thanks,
Martin
More information about the Freeipa-users
mailing list