Quote:
Originally Posted by Webnauts
Would you recommend adding in the .htaccess for example this too?
## DENY REQUEST BASED ON REQUEST METHOD ###
RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK|OPTIONS|HEAD)$ [NC]
RewriteRule ^.*$ - [F]
|
Webnauts:
I would suggest blocking those methods unless you have specific reasons for allowing them.
For those unfamiliar with the above choices check out
Method Definitions.