PUT, TRACE, DELETE를 사용 불가능하게하기.
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{REQUEST_METHOD} ^TRACE [OR]
RewriteCond %{REQUEST_METHOD} ^PUT [OR]
RewriteCond %{REQUEST_METHOD} ^DELETERewriteRule .* – [F]
</IfModule>
적용전
[root@movie conf]# telnet localhost 80
Trying 127.0.0.1…
Connected to localhost.localdomain (127.0.0.1).
Escape character is ‘^]’.
TRACE / HTTP/1.0
Host: localhostHTTP/1.1 200 OK
Date: Fri, 06 Nov 2009 03:26:32 GMT
Server: Apache
Connection: close
Content-Type: message/httpTRACE / HTTP/1.0
Host: localhostConnection closed by foreign host.
적용후
[root@localhost conf]# telnet localhost 80
Trying 127.0.0.1…
Connected to localhost.localdomain (127.0.0.1).
Escape character is ‘^]’.
TRACE / HTTP/1.0
Host: localhostHTTP/1.1 403 Forbidden
Date: Fri, 06 Nov 2009 03:42:21 GMT
Server: Apache
Content-Length: 321
Connection: close
Content-Type: text/html; charset=iso-8859-1<!DOCTYPE HTML PUBLIC “-//IETF//DTD HTML 2.0//EN”>
<html><head>
<title>403 Forbidden</title>
</head><body>
<h1>Forbidden</h1>
<p>You don’t have permission to access /
on this server.</p>
<p>Additionally, a 404 Not Found
error was encountered while trying to use an ErrorDocument to handle the request.</p>
</body></html>
Connection closed by foreign host.